Thirty users were asked to enter 10 different passwords, both strong and weak, on four different common external keyboards, according to the Slovakian security firm ESET.
The researchers then used a thermal imaging camera to scan the residual heat on the keys which had been used, in order to identify which keys had been pressed.
They then asked non-experts in the field to arrive at the set of pressed keys from the thermal imaging data - which these individuals were able to reliably do.
The researchers described their method in a paper titled “Thermanator: Thermal Residue-Based Post Factum Attacks On Keyboard Password Entry”.
The data thus obtained was easily leveraged to crack passwords through brute-force attacks.
“Being warm-blooded, human beings naturally prefer environments that are colder than their internal temperature,” the paper says.
“Because of this heat disparity, it is inevitable that we leave thermal residue on numerous objects that we routinely touch, especially, with bare fingers.”
The researchers found that hunt-and-peck typists would be more susceptible to this kind of attack as they left bigger fingerprint and thermal traces, compared to touch typists.
However, attackers need to have access to the keyboards shortly after sensitive data is entered and the thermal imaging camera must have an unrestricted view of the keyboard.
Measures to mitigate against this attack included running one's fingers along a keyboard in order to introduce "thermal noise". Or else, one could use a mouse to select password characters from an on-screen keyboard.
A third method of mitigation was to use gloves or fake nails.