Password can be Guessed by the way Phone is Held : Study

By Vishal Goel / 1492138480
(Photo : YouTube/ Recombu) A Nokia 3 smartphone is held by hand for the presentation.

Researchers at Newcastle University recently demonstrated how smartphone passwords and PINs can be easily stolen by the way devices are held while typing it. The researchers achieved a seventy percent accuracy to guess the four-digit PINs in the first attempt and a hundred percent accuracy in five tries. The hack makes use of sensors like gyroscopes built into most smartphones.

The theoretical hack is based on a loophole in how web browsers share a smartphone with websites that ask for it. While some sensitive information such as location asks the user for permission, a malicious website can ask for data such as device orientation without the user being notified.

But users do not need to be very concerned about hackers breaking into their devices because the method behind the attack has significant hindrances that prevent it from being used in the real world. As told by Dr. Maryam Mehrnezhad, a research fellow in the School of Computing Science, most of the smartphones, tablets and other wearables are equipped with a multitude of sensors, from GPS, camera, and microphone to instruments like the gyroscope, rotation sensors, and accelerometer. But since mobile apps and websites do not ask permission to access them, malicious programs can covertly "listen in" on your sensor data enabling them to discover a wide range of sensitive information about you.

To train the system to be able to guess even a simple four-digit pin, the researchers collected a lot of data from users; each had to type fifty known pin numbers in and repeated five times before the system learned how they hold their phones to guess a hidden pin with seventy percent accuracy.

Dr. Mehrnezhad further added that despite the very real risks, when they asked people which sensors they were most concerned about, the team found a direct correlation between perceived risk and understanding because people were far more concerned about the camera and GPS than they were about the silent sensors.