I absolutely love these hacking tricks where you snoop passwords from information leakage – this one from Georgia Tech using a smartphone’s accelerometer is an awesome addition. Short version: if your smartphone has malicious software on it, and you put it on the same desk as your keyboard, the phone can deduce what you’re typing from the vibrations. Yes, even if you don’t type as vigorously as I do (though only at close range – no need to panic).
The press release notes that using the accelerometer is an improvement over using the microphone because, even though it is less sensitive, the user is generally not asked whether to allow access to the accelerometer the same way they are the microphone when installing apps. But, I also think that even security minded users who might hesitate at allowing access to the microphone out of concern for being recorded would be less likely to see the risk of information leakage through accelerometer data.