30 seconds and 50 dollars is all it takes to steal your PC login

[Kumaran]

Imagine you’ve been at work for a few hours. It’s time to get up, grab a coffee and some morning tea. You’ll only be away from your desk for ten minutes so you know it will be easier to just hit the lock screen on your workstation than to completely log out and then log back in again when you return. No one has your password so your workstation is safe, right?

Many people believe that leaving their computer unattended won’t pose any security risks as long as the device is locked. However, researcher Rob Fuller, principal security engineer at R5 Industries demonstrates that an attacker with physical access to your device can capture your login credentials (username and password) in under a minute if your computer is still logged in.

Read more.

 

[Myriad]

The devices that are used for this hack have been around for some time but are still largely unknown
outside the world of pen-testing.

The more people that read articles such as the one above , the safer everyone will be .

Take charge of your hardware .... before somebody else does !

 

[DardiM]

Thanks for the Share

 

[Nico@FMA]

Imagine you’ve been at work for a few hours. It’s time to get up, grab a coffee and some morning tea. You’ll only be away from your desk for ten minutes so you know it will be easier to just hit the lock screen on your workstation than to completely log out and then log back in again when you return. No one has your password so your workstation is safe, right?

Many people believe that leaving their computer unattended won’t pose any security risks as long as the device is locked. However, researcher Rob Fuller, principal security engineer at R5 Industries demonstrates that an attacker with physical access to your device can capture your login credentials (username and password) in under a minute if your computer is still logged in.

Read more.

Great article and totally true. Yet did he also mention that locking your workstation is just a way to stop insiders from getting ur stuff? As over the internet it often takes less then 30 seconds to obtain the same info and the real kicker? it does cost NOTHING.
Lol
Cheers

 

[Dirk41]

thanks for sharing.

does anyone know about sw that lock usb ports ? (and would they work in this case? )

 

[Deleted member 178]

and what if you use a pin?

 

[Dirk41]

and what if you use a pin?

To log in ? I already use it . I know it is only for that specific PC but I thought it could be stolen as well

 

[kev216]

Very interesting article. Thanks for sharing!
Although it can be easily bypassed as told in the article, your lock screen already gives you protection to people that does't know this tric but that are very curious to what's on your pc or try to be funny by undoing your work when you are away for some minutes. All the people that I know just leave their computer even without lock screen. I would never do that.

 

[HeroCloudAntivirus]

i would take the power cable with me xD

 

[Ink]

You might as well power down the PC.

i would take the power cable with me xD

 

[Nico@FMA]

Pff see if they can crack my 70's vintage typewriter. guaranteed beats any security.

 

[HeroCloudAntivirus]

@Nico@FMA TypeWriters FTW

 

[jamescv7]

Now how about if its apply on IoT? Definitely the trick maybe old for bypass but the solution for prevention are still such passive.

Iot should come up a stronger hardware protection alongside of software; those video review is simply a sign to embrace the massive problem and how to deal it.