Why passthoughts could make passwords a thing of the past

New brainwave technology relies on reading brain's unique electrical signals

July 06, 2016

Wireless EEG headsets such as NeuroSky's MindWave can be used to read brainwave activity. (NeuroSky)

It's no secret that passwords aren't impenetrable. Even outside of major incidents like the celebrity nude photo hack, or when millions of passwords get released online, like what happened to Twitter recently, many of us may still be at risk of having our data compromised due to password-related security flaws.

According to a June 2015 survey from mobile identity company TeleSign, two in five people were notified in the preceding year that their personal information was compromised or that they had been hacked or had their password stolen.


But a new technology developed by the BioSense lab at the University of California, Berkeley could make all of that a thing of the past.

Over the course of three years, the lab's co-director, John Chuang, and his graduate students have been working on a technology called passthoughts, which would use a person's brainwaves to identify them, according to CNET.

The team has found that a passthought — something like a song that someone could sing in their mind — isn't easily forgotten and can achieve a 99-per-cent authentication accuracy rate.

The device used to capture passthoughts resembles a telephone headset. It relies on EEG technology, detecting electrical activity in your brain via electrodes strapped to your head. And although Chuang's team say the technology has improved greatly in recent years, the awkwardness of the device might hinder it from being widely adopted.

While it will likely take some time before passthoughts become ubiquitous, we might soon see some of Chuang's work in technology that identifies you by the contours of your body, including your skin pores, ear folds and the exact symmetry of your face.

This technology — known as biometric technology — focuses on what makes you different than everyone else. Fingerprint readers are probably the most well-known example, and while they provide better security than your typical password, fingerprints can still be replicated with high-resolution photos.

Because every brain creates a different electrical signal, passthoughts can't be copied.

While we wait for biometrics to mature enough to become a practical alternative to traditional passwords, there are steps you can take now to protect your data, such as enabling two-factor authentication, requiring a code along with your password, and avoiding using easy-to-guess passwords.

CBC's Journalistic Standards and Practices
Report Typo or Error