Logo

CNBC

Tired of Forgetting Your Password? A New Replacement for Passwords Is in the Works — and You May Be Surprised to Learn What It Is

Jun 5, 2015  •  Post A Comment

Researchers at Binghamton University in New York are developing what may be the replacement for passwords. CNBC reports that the research is focused on the use of brainwaves.

“The scientists looked at the brain signals of 45 volunteers as they read a list of 75 acronyms, such as FBI and DVD, and recorded their reaction to each group of letters. Each participants’ brain reacted differently to the acronyms, meaning that the computer was able to identify each volunteer with 94 percent accuracy,” the story reports.

“It is this ‘brainprint’ that could be used by security systems to verify a person’s identity, the academics said in the study, which was published in the academic journal Neurocomputing this week.”

The researchers say brainprints have advantages over other characteristics that have been explored as security measures, such as fingerprints and face identification. Experts in the field have been busy trying to come up with new approaches in the wake of a series of data breaches and cyberattacks.

In a release about the study, Sarah Laszlo, assistant professor of psychology and linguistics at Binghamton and a co-author of the report, said: “If someone’s fingerprint is stolen, that person can’t just grow a new finger to replace the compromised fingerprint — the fingerprint for that person is compromised forever. Fingerprints are ‘non-cancellable.’ Brainprints, on the other hand, are potentially cancellable. So, in the unlikely event that attackers were able to steal a brainprint, the authorized user could ‘reset’ their brainprint.”

One Comment

  1. Brain signal monitoring shares the same problem of biometrics in general, i.e., trade-off between false acceptance and false rejection.

    Whether iris, face, fingerprint, typing, gesture, heartbeat or brainwave, biometric authentication could be a candidate for displacing the password if/when (only if/when) it has stopped depending on a password to be registered in case of false rejection while keeping the near-zero false acceptance.

    Threats that can be thwarted by biometric products operated together with fallback/backup passwords can be thwarted more securely by passwords alone. We could be certain that biometrics would help for better security only when it is operated together with another factor by AND/Conjunction (we need to go through both of the two), not when operated with another factor by OR/Disjunction (we need only to go through either one of the two) as in the cases of Touch ID and many other biometric products on the market that require a backup/fallback password, which only increase the convenience by bringing down the security.

    In short, biometric solutions could be recommended to the people who want convenience but should not be recommended to those who need security. It may be interesting to have a quick look at a slide titled “PASSWORD-DEPENDENT PASSWORD-KILLER” shown at
    http://www.slideshare.net/HitoshiKokumai/password-dependent-passwordkiller-46151802

Leave a Reply to Hitoshi Anatomi Cancel Reply

Email (will not be published)