What if you could think your password and gain access to your bank account, email, or photos?

John Chuang and teammates from the BioSENSE Lab at Berkeley have been working on brain-wave password authentication for several years. They call this type of password a passthought.

A passthought needs a brainwave reader that uses EEG (electro-encephalography) sensors. EEG machines used to be large, expensive, and available only in hospitals, but now they can fit in a headband or over-ear device. BioSENSE lab is aiming at an earbud-sized device.

To create a passthought, wear one of these portable EEG scanners, and then think of a password (such as a few lines from a favorite song). The scanner will record the corresponding brain waves. Just think the same thought again to access your accounts.

This is more secure than a regular password because it tracks something you know (the thought itself) and something you are (your unique brainwaves). This means it’s two-factor authentication, without having to use a phone or another physical device. BioSENSE has also fine-tuned their matching algorithms to an extremely accurate degree: the right user is always able to get in, and potential hackers, even if they know the password, aren’t able to mimic the brain waves effectively.

Once the EEG scanner becomes a commodity rather than a medical device or novelty item (remember the brain-wave cat ear headband from a few years ago?), using a passthought will be as easy as wearing earbuds and humming to yourself.

By Sharon Campbell