09 May 2011

What is Shoulder surfing?

Shoulder surfing is looking over someones shoulder when they enter a password or a PIN code. Variations of shoulder surfing include:
  • Using binoculars or a low-power telescope to view someone entering a PIN code.
  • Coating the key pad with a thin coating of ultraviolet material so that you can later see which keys the user pressed.
There are also some audial variations on the shoulder surfing theme, where you listen instead of looking:
  • Listening to the a user type in their password to determine how many keystrokes they type, and therefore how many characters their password is.
  • Listening to a user dial a PIN on a telephone keypad and determining the PIN code from the sound of the DTMF tones.

