Thinking Your Password

    Have researchers finally come across a way to access data on your computer that can’t be breached or compromised?

    A team at the University of California Berkeley has announced that they are able to use brainwaves as a means of authentication. The researchers claim that by using your thought power directly – and bypassing the steps of typing in your password or going through the steps of multi-authentication access – you have a much more secure means of computer access.

    It works this way, according to ABC News:

    Led by Professor John Chuang, the team at Berkeley used Neurosky’s Mindset Brainwave sensor, a $200 headset with electrodes that can measure electroencephalograms (EEGs) or brainwave activity. . . . Participants were also asked to repeatedly sing their favorite song or think of their favorite color, functioning as their own personalized thought password or “pass-thought.” After collecting data over a number of weeks, Chuang found that the computer could accurately and consistently distinguish between brainwave patterns of the participants. Basically, one person’s brain activity during certain tasks was different from another and the computer could tell that and verify that it was that person.

    I was a little disappointed that a headset was needed, but the research is still in its early stages. I would expect that as the technology catches on, all you’ll have to do is think and your computer or smartphone will recognize you.

    The brainwave as password technology isn’t totally unexpected. In November, ZDNet reported that brainwave sensors could be available as early as this June, released by a company called InteraXon, and could be used to replace your old-fashioned passwords.

    For those of us who have collected quite a few unique passwords (and that would include anyone who uses a computer), using thought power to log in rather than try to remember what the right password is would be a real time saver. But would it really mean fewer breaches and safer data?

    Not necessarily, according to Randy Abrams, a director of research at NSS Labs, who was quoted by TechNewsWorld:

    Regardless of the authentication method, digital data must be sent over the Internet. From the moment the input receives the authentication thought, it’s digital data and subject to attack.

    Sue Poremba
    Sue Poremba
    Sue Poremba is freelance writer based on Central PA. She's been writing about cybersecurity and technology trends since 2008.

    Latest Articles