If you thought that the passwords with pixels or other sensitive information in screenshots kept your secrets safe, it's time to rethink your security. A recently released tool can show these obscure characters.
The tool, called Depix, is available for free at GitHub . Gets a pixelized letterseries and recover passwords.
“Pixelization is used in many cases to disguise the information contained within pictures,” said Depix developer Sipke Mellema, an information security consultant, writing about the new tool on LinkedIn.
"I have seen Companies to pixelize passwords in internal documents; There were no tools available to recover a password from such an image, so I created one.
The software looks for patterns that are created when fonts are pixelized. Because pixelization follows a defined algorithm, the image of a set of character combinations will look the same every time.
When the search image is pixeled, it is possible to match the blocks in this image with the password blocks, allowing Depix to retrieve the supposedly hidden information, as you can see from the following screenshot:
As you can see, some letterare partly unclear.
This happens when there is no complete match and so the image of this character is replaced by an "average" value of all possible matches. This average value still normally leads to a visual image, such as the H at the beginning of the password recovered above.