Paper: Wearables can reveal your passwords by measuring slight arm movements
In an experiment, researchers were able to correctly guess people's passwords and PINs by observing sensor data gleaned from their wearable devices.
Academic researchers have proven that sensors in wearable electronics can be exploited to secretly measure minute movements in users' arms in an effort to decipher passwords and PIN codes that they type into computers, ATM machines and other devices.
In a newly published paper, the five researchers from the Stevens Institute of Technology and Binghampton University recount an experiment in which 20 wearable users inputted over 5,000 passwords or PIN key entries into various keyboards and devices. Using a “Backward PIN-Sequence Inference” algorithm to calculate miniscule changes in arm distance and direction, the researchers guessed users' security key entries correctly 80 percent of the time on the first try, and were successful over 90 percent of the time when given three attempts.
Of course, should an adversary find a way to eavesdrop on your wearable, one low-tech way of avoiding this threat is by not entering passcodes with your arm that sports the device.