Artificial intelligence is capable of stealing your passwords by listening to your keyboard strokes, researchers have found. It’s not just the sound but also the waveform, intensity and timing of each keystroke that AI can sense, also able to detect each user’s unique typing style, they found, by doing tests on smartphones placed near MacBook Pro keyboards.
Furthermore, AI on smartphones near videoconferencing applications, like Zoom, and other off-the-shelf applications can also listen in as people log into accounts and websites, according to the researchers from Durham University, University of Surrey and University of London. However, AI can detect passwords via videoconferencing a little less accurately, 93% of the time.
This AI downside risk is more ubiquitous than people may realize, the researchers said, noting that “the number of microphones within acoustic range of keyboards has increased and will likely continue to do so.”
One way to avoid AI stealing critical passwords is to use password manager software, like Windows Hello or Touch ID, to generate, store and embed strong passwords.
Not only will the software automate your passwords so that you don’t have to remember them all, but it eliminates the step of typing them in and risking a malevolent AI eavesdropper on your phone or other device stealing them.
It might also be a good idea to keep devices with audio and/or microphones away from computers and laptops where you log into accounts. The researchers did not address the question of what to do if AI malware somehow makes its way to a laptop or computer, rather than on a separate smartphone near a laptop or computer.