Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Paper: Wearables can reveal your passwords by measuring slight arm movements

Academic researchers have proven that sensors in wearable electronics can be exploited to secretly measure minute movements in users' arms in an effort to decipher passwords and PIN codes that they type into computers, ATM machines and other devices.

In a newly published paper, the five researchers from the Stevens Institute of Technology and Binghampton University recount an experiment in which 20 wearable users inputted over 5,000 passwords or PIN key entries into various keyboards and devices. Using a “Backward PIN-Sequence Inference” algorithm to calculate miniscule changes in arm distance and direction, the researchers guessed users' security key entries correctly 80 percent of the time on the first try, and were successful over 90 percent of the time when given three attempts.

Of course, should an adversary find a way to eavesdrop on your wearable, one low-tech way of avoiding this threat is by not entering passcodes with your arm that sports the device.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.