Why you can trust ZDNET : ZDNET independently tests and researches products to bring you our best recommendations and advice. When you buy through our links, we may earn a commission. Our process

'ZDNET Recommends': What exactly does it mean?

ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.

When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.

ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.


AI can now crack your password by listening to your keyboard clicks

The next time you type your password, you may want to ensure no one is listening.
Written by Sabrina Ortiz, Editor
AI sound wave
Svitlana Hruts/Getty Images

To keep your password safe when logging on to your computer, your instinct might be to make sure no one is watching to avoid an over-the-shoulder attack. However, a new study is showing that you may want to make sure no one is listening to your keyboard clicks, either. 

Whereas internal attacks involve infiltrating a device directly often after "shoulder surfing", side-channel attacks are based on the interpretation of a device's information that has been externally gathered. An acoustic side-channel attack, for example, can use the sound of your keyboard clicks to figure out exactly what was typed and use that info to infiltrate your accounts from there. 

Also: Zoom is entangled in an AI privacy mess 

And now, according to a new study, acoustic side-channel attacks present a greater threat than ever before.

To conduct the experiment, the researchers used a MacBook Pro 16-inch (2021) with 16 GB of memory and the Apple M1 Pro processor. They recorded the laptop's keyboard clicks on both an iPhone 13 Mini that was sitting 17cm away on a microfiber cloth and Zoom's built-in recording function on the laptop. 

Phone on a microfiber cloth next to a laptop
Durham University/University of Surrey/Royal Holloway University of London

The researchers then trained a deep learning model using the data collected from the keystroke sound dataset. Once the model was ready, the researchers tested its accuracy using the leftover data. 

Also: We're not ready for the impact of generative AI on elections

The results showed that the model could identify the correct key with an accuracy of 95% from the phone recording and 93% accuracy from the Zoom recording, according to the study. 

Despite the high accuracy rate of the results, the researchers identified several ways that users could mitigate being attacked, including varying user typing style, using a randomized password with multiple cases, utilizing the shift key, and playing sounds near the microphone in video calls. 

Editorial standards