Hacker News

SapporoChris, yesterday at 9:28 AM

"Let's look at their screen and see how long their password is." This article is about silent sudo.

Have you ever watched a fast touch typist, someone that does over 100 words per minute? Someone who might be using a keyboard layout that you're not familiar with? When the full password is entered in less than a second it can be very difficult to discern what they typed unless you're actually recording with video.

But sure, if you're watching someone who types with one finger. Yes, I can see that.


Replies

Freak_NL, yesterday at 9:35 AM

How is learning only the length of the password better than watching someone type it?

Besides, observe that several times and you might get close. Look at the stars several times and learn nothing beyond what you learned the first time.

This whole type of attack hinges on the user using weak passwords with predictable elements in any case.