Skip to main content
  1. Home
  2. Computing
  3. News

AI can now steal your passwords with almost 100% accuracy — here’s how

Jacob Roach
By
A digital depiction of a laptop being hacked by a hacker.
Digital Trends

Researchers at Cornell University have discovered a new way for AI tools to steal your data — keystrokes. A new research paper details an AI-driven attack that can steal passwords with up to 95% accuracy by listening to what you type on your keyboard.

The researchers accomplished this by training an AI model on the sound of keystrokes and deploying it on a nearby phone. The integrated microphone listened for keystrokes on a MacBook Pro and was able to reproduce them with 95% accuracy — the highest accuracy the researchers have seen without the use of a large language model.

Recommended Videos

The team also tested accuracy during a Zoom call, in which the keystrokes were recorded with the laptop’s microphone during a meeting. In this test, the AI was 93% accurate in reproducing the keystrokes. In Skype, the model was 91.7% accurate.

Related

Before your throw away your loud mechanical keyboard, it’s worth noting that the volume of the keyboard had little to do with the accuracy of the attack. Instead, the AI model was trained on the waveform, intensity, and time of each keystroke to identify them. For instance, you may press one key a fraction of a second later than others due to your typing style, and that’s taken into account with the AI model.

In the wild, this attack would take the form of malware installed on your phone or another nearby device with a microphone. Then, it just needs to gather data from your keystrokes and feed them into an AI model by listening on your microphone. The researchers used CoAtNet, which is an AI image classifier, for the attack, and trained the model on 36 keystrokes on a MacBook Pro pressed 25 times each.

There are some ways around this kind of attack, as reported by Bleeping Computer. The first is to avoid typing your password in at all by leveraging features like Windows Hello and Touch ID. You can also invest in a good password manager, which not only avoids the threat of typing in your password but also allows you to use random passwords for all of your accounts.

What won’t help is a new keyboard. Even the best keyboards can fall victim to the attack due to its method, so quieter keyboards won’t make a difference.

Unfortunately, this is just the latest in a string of new attack vectors enabled by AI tools, including ChatGPT. Just a week ago, the FBI warned about the dangers of ChatGPT and how it’s being used to launch criminal campaigns. Security researchers have also seen new challenges, such as adaptive malware that can quickly change through tools like ChatGPT.

Editors' Recommendations

Topics
Jacob Roach
Jacob Roach
Senior Staff Writer, Computing
Jacob Roach is a writer covering computing and gaming at Digital Trends. After realizing Crysis wouldn't run on a laptop, he…
GPTZero: how to use the ChatGPT detection tool
A MidJourney rendering of a student and his robot friend in front of a blackboard.

In terms of world-changing technologies, ChatGPT has truly made a massive impact on the way people think about writing and coding in the short time that it's been available. Being able to plug in a prompt and get out a stream of almost good enough text is a tempting proposition for many people who aren't confident in their writing skills or are looking to save time. However, this ability has come with a significant downside, particularly in education, where students are tempted to use ChatGPT for their own papers or exams. That prevents them from learning as much as they could, which has given teachers a whole new headache when it comes to detecting AI use.

Teachers and other users are now looking for ways to detect the use of ChatGPT in students' work, and many are turning to tools like GPTZero, a ChatGPT detection tool built by Princeton University student Edward Tian. The software is available to everyone, so if you want to try it out and see the chances that a particular piece of text was written using ChatGPT, here's how you can do that.
What is GPTZero?

Read more
Is ChatGPT safe? Here are the risks to consider before using it
A response from ChatGPT on an Android phone.

For those who have seen ChatGPT in action, you know just how amazing this generative AI tool can be. And if you haven’t seen ChatGPT do its thing, prepare to have your mind blown! 

There’s no doubting the power and performance of OpenAI’s famous chatbot, but is ChatGPT actually safe to use? While tech leaders the world over are concerned over the evolutionary development of AI, these global concerns don’t necessarily translate to an individual user experience. With that being said, let’s take a closer look at ChatGPT to help you hone in on your comfort level.
Privacy and financial leaks
In at least one instance, chat history between users was mixed up. On March 20, 2023, ChatGPT creator OpenAI discovered a problem, and ChatGPT was down for several hours. Around that time, a few ChatGPT users saw the conversation history of other people instead of their own. Possibly more concerning was the news that payment-related information from ChatGPT-Plus subscribers might have leaked as well.

Read more
What is ChatGPT Plus? Here’s what to know before you subscribe
Close up of ChatGPT and OpenAI logo.

ChatGPT is completely free to use, but that doesn't mean OpenAI isn't also interested in making some money.

ChatGPT Plus is a subscription model that gives you access to a completely different service based on the GPT-4 model, along with faster speeds, more reliability, and first access to new features. Beyond that, it also opens up the ability to use ChatGPT plug-ins, create custom chatbots, use DALL-E 3 image generation, and much more.
What is ChatGPT Plus?
Like the standard version of ChatGPT, ChatGPT Plus is an AI chatbot, and it offers a highly accurate machine learning assistant that's able to carry out natural language "chats." This is the latest version of the chatbot that's currently available.

Read more