PREVIOUSLY, THE ONLY way a hacker could get your password with their ears would be if you shout it out of an open window while they're passing. Even then, without context, they might just assume you're doing a bad karaoke version of Steps' hit 5,6,7,8.
That might be about to change. Spoilers if you haven't cracked open the latest copy of Interactive, Mobile, Wearable and Ubiquitous Technologies: it contains a paper from the Southern Methodist University in Texas where researchers prove you can guess passwords by eavesdropping on the sounds keyboards make when pressed.
To be clear, you shouldn't be on the lookout for somebody putting a glass against your laptop screen. This can all be done via a hacked smartphone, which picks up on the acoustic signals, which are subtly different depending on which key is pressed.
To make it as close to real-world conditions as possible, the researchers set up eight phones, kept between three inches and several feet from the computer. The scenario involved background chatter and people taking notes on the target laptop, either in full sentences or in shorthand. Correcting typos was also permitted, though not compulsory.
"We were able to pick up what people are typing at a 41 per cent word accuracy rate," co-author Professor Eric Larson told The Telegraph. "And we can extend that out - above 41 per cent - if we look at, say, the top ten words of what we think it might be."
That may not sound very high - especially when it's not clear when somebody is logging in - but combine it with a list of the most common passwords and suddenly it becomes a bit more of a threat.
"A successful interception of this sort could potentially be very scary because there's no way to know if you're being hacked this way," Larson added.
Yet another reason to get a password manager of some kind, then. Auto filling from a secure browser plugin won't make any tell-tale clicks, after all. But you may want to type "S-C-R-E-W-Y-O-U-H-A-C-K-E-R" into your browser after you're done, on the off chance that anybody is eavesdropping. µ
Someone could be in for a NASty surpise
An assault course on the senses
Boasting Bionic boosting