The rise and continuous development of technology has also paved the way for an ever-growing number of attacks and compromises, most of which are carried out online. While these advancements have brought about wonderful changes, they also come with numerous risks to you and your pertinent data. One of these security threats is so-called shoulder surfing.
Shoulder surfing is the term for observing another person’s mobile device or computer screen and keyboard with the goal of obtaining sensitive information. This direct observation can be done simply by looking over a person’s shoulder, which explains the phrase shoulder surfing. Visible or hidden video cameras, binoculars, and other types of optical devices can also be used.
The main purpose of shoulder surfing is usually to view and pilfer important and sensitive information, such as password and username combinations, which can later be used to access a user’s account. Personal identification numbers (PINs), credit card numbers, and sensitive personal data used to answer security questions for password recovery, such as a birth date or middle name, can be targeted as well.
Shoulder surfing can be carried out by someone with malicious intent, and when that happens it can result in a breach of security. Seeing a password or the responses to security questions gives an attacker the chance to access an account or reset its password. Nosy or curious bystanders can also shoulder surf, in which case it is a mere invasion of privacy. Most of the time, having that nosy man at the airport viewing your medical history, paycheck, and bank balances is an unpleasant experience.
If you have ever hired an IT technician to help you troubleshoot an issue with your PC or install a new app, you might be very familiar with the uneasy feeling of being asked to input your password while the IT guy is right there, looking over your shoulder as you type. This is also considered shoulder surfing; the only difference is that there is no malicious intent.
Protecting yourself from shoulder surfing is not always easy. Simple methods such as using a privacy screen protector will help limit your screen’s field of view, although this might not do much when it comes to protecting your keystrokes from being seen or observed.
Another, more expensive and elaborate method is gaze-based password entry, which makes it difficult for an observer to see the password being entered. However, this is a rather rare method used only in extraordinary situations.
The use of two-factor authentication can also make it more difficult for attackers to use stolen passwords or security question answers, but it might not put off shoulder surfing.
Using passwordless authentication eliminates the need for passwords, thus taking away the risks related to stolen passwords altogether, including passwords stolen through shoulder surfing. Having said this, it won’t prevent shoulder surfers from pilfering other sensitive information such as security question responses, nor will it prevent the unpleasant invasions of privacy.