1.1820538-2761096813
Researchers at Binghamton University in New York conducted a study in which some 50 participants were monitored via headgear fitted with 30 brain sensors while 500 images of things, such as celebrities, food and unusual words, flashed in front of them on a screen for less than a second each. Image Credit: Supplied

Washington: What if you didn’t have to keep remembering passwords — and instead they were literally inside your head?

That’s the gist behind new cutting-edge research that explores doing things such as watching how your brain responds to celebrity pictures or listening to sounds echoing around your skull to prove your identity.

Researchers at Binghamton University in New York conducted a study in which some 50 participants were monitored via headgear fitted with 30 brain sensors while 500 images of things, such as celebrities, food and unusual words, flashed in front of them on a screen for less than a second each. The sensors captured how their brains automatically reacted to the pictures — and from that data, the researchers were able to figure out how to identify a person with 100 per cent accuracy while using just 27 image responses collected from a handful of sensors.

Study co-author Sarah Laszlo told Ars Technica that she imagined the process might make sense for some high-stakes scenarios, such as controlling access to classified information at the Pentagon.

Another study that hopes to use your head to improve security is one carried out by a team of German researchers who looked at skull echoes. The idea is basically to use bone conduction speakers and microphones to listen for tiny differences in how sounds bounce around inside people’s skulls. The researchers reported a 97 per cent identification rate but ran tests with only 10 participants.

These studies represent initial research that is a long way away from helping you sign into your online banking account. But they also highlight the push to figure out new alternatives to the traditional password and fingerprint scan.

The old standby — the typed password — isn’t working out so great. Passwords are practically impossible to escape and can be a pain to keep track of without falling victim to poor digital hygiene, such as password reuse. Most major companies now offer two-factor authentication, which requires an extra verification step that often works by having users enter a code that’s delivered to their phone.

And fingerprint scans have also been on the rise. The latest iPhones have it built in as Touch ID, and some secure workplaces use similar tech to verify employees’ identities. Unlike with passwords, you can’t really forget your fingerprints. But they’re also practically impossible to change if the fingerprint data is compromised, as happened to millions of people caught up in the Office of Management and Budget breach revealed last year.

And it might not even take a hack to expose them: After all, you leave fingerprints on a lot of things you touch — and some researchers have even demonstrated ways to spoof them from high-resolution photos.

Looking inside people’s heads for the future of biometric identification at least may help avoid part of that last problem: Given the state of technology now, you’d probably notice if someone was trying to measure your brain waves or listen to your skull for echoes.

Tips to create strong passwords

  1. Go for passwords that have a length of more than 12 characters.
  2. Always include symbols, numbers, capital and lower-case letters.
  3. Avoid places and common words or phrases.
  4. Never write the passwords in a book and leave it in a non-secured place.
  5. Never use family members’ names, date of births, phone or office number, address, birthday, or anniversary.
  6. Never use acronyms, geographical or product names, and technical terms.
  7. Don’t choose well-known or famous lyrics or lines.
  8. Never use your network username as your password.
  9. Avoid using the same password for multiple applications.
  10. Never store passwords on web applications.
  11. Avoid phishing sites and unknown websites.
  12. Have a good security software that includes antivirus, firewalls, browser protection, proven protection from online threats and latest operating system.
  13. Never reuse a password.
  14. Each password created should be unique.
  15. Never share your password with anyone.
  16. Reversing words is an effective way.
  17. Check the password with ‘HowSecureIsMyPassword’ and ‘The Password Meter’ to know how strong the password is and it will give you tips to improve it.
  18. There are password managers like ‘Dashlane, KeePass, 1Password or LastPass’ to remember all your passwords in the cloud with a master password but they are also not perfect.
  19. Two-factor authentication will strengthen your security as it sends a number to the mobile devices to verify that it is you when to attempt to access the applications. Users can set up accounts with Google and Apple to text you a unique code to punch in after you log into your account to verify that the person logging into your account is the right one.
  20. Change the password every two months.
  21. Limit the amount of personal information you share on social networks and online, including login information, birth dates and pet names.