Brainwave identification the next new password alternative?

Ideally, every single account you have should have a different password. Furthermore, each of those passwords should contain a unique mix of special characters, numbers and upper and lowercase letters. But, with the number of access codes needed in today's online world, those passwords are hard to remember and as hackers become even more sophisticated the password itself is becoming less and less safe.

Fingerprint access is another way in which accounts are being accessed but even that, too, has been cracked. It has been done by physically removing someone's fingers (as was the case when a Mercedes with fingerprint recognition was stolen after the thieves also stole the owner's fingers) and fingerprint scanners on mobile devices have been found to be hackable.

So what if your passwords were not physical but instead a unique signal sent out by your brain? A new study, 'Brainprint', by researchers at the University of Binghamton, suggests that brainwaves could be used as passwords. The study was able to get a computer to identify users based on how their brain reacted to reading and recognizing a list of acronyms such as FBI or DVD. Each user's brain reacted differently to the extent that the computer was able to verify an identity with 94% accuracy.

According to Sarah Laszlo, assistant professor of psychology and linguistics at Binghamton University and co-author of the study, brain biometrics are appealing because they are cancellable and cannot be stolen by malicious means the way a finger or retina can.

"If someone's fingerprint is stolen, that person can't just grow a new finger to replace the compromised fingerprint -- the fingerprint for that person is compromised forever," she said. "Fingerprints are 'non-cancellable.' Brainprints, on the other hand, are potentially cancellable. So, in the unlikely event that attackers were actually able to steal a brainprint from an authorized user, the authorized user could then 'reset' their brainprint."

PayPal is looking at ways of implementing 'natural body identification' techniques such as swallowing capsules that then reside in the stomach, powered by digestive acids, that detect unique bodily features such as glucose levels and heartbeat. Data from the capsules could be encrypted and communicated to external receivers. Their research follows findings that users' choice of passwords were very weak. The top 4 passwords in 2014, for example, were '123456', 'password', '12345678' and 'qwerty'.

Image via Shutterstock

Tags: biometrics, fingerprint recognition, online security, password management