Passthought authentication

Authentication (logging into devices and services) is a long-standing problem in security. Traditional passwords are easy to guess and difficult to remember, while biometric authenticators like fingerprints are easy to steal and difficult to change. Tokens or keys are susceptible to loss, and multi-factor strategies require multiple steps, hindering wider adoption.

Passthoughts authentication allows users to to submit both a knowledge factor (a secret thought) and an inherence factor (the unique way an individual expresses that thought) in a single step, by performing a single mental task. A brainscanning device detects electrical (or other) signals from the brain, which are used to identify the user. Our group has achieved 99% authentication accuracy using single-channel EEG signals, which is on par with previous research employing multi-channel EEG signals using clinical-grade devices.

Our group's publications

Nick Merrill, Max T Curran, John Chuang. Is the Future of Authenticity All In Our Heads? Moving passthoughts from the lab to the world. NSPW '17.

Max T Curran, Nick Merrill, John Chuang, Swapan Gandhi. One-step, three-factor authentication in a single earpiece. UBICOMP '17.

Passthought Authentication with Low-Cost EarEEG. EMBC 2016.

John Chuang. One-Step Two-Factor Authentication with Wearable Bio-Sensors. Workshop on "Who are you?! Adventures in Authentication" (WAY'14), SOUPS '14.

Benjamin Johnson, Thomas Maillart, John Chuang. My Thoughts are Not Your Thoughts: Robustness of Brainwave Signal Authentication Against Impersonation Attacks. UBICOMP '14.

John Chuang, Hamilton Nguyen, Charles Wang, Benjamin Johnson. I Think, Therefore I Am: Usability and Security of Authentication Using Brainwaves. International Conference on Financial Cryptography and Data Security (FC'13).

Press coverage

NEO.LIFE. When computers read your mind, you’ll need a great passthought. July 15, 2017.

Techonomy. Will your next password be a brainwave? June 20, 2017.

KRON4. New brainwave reading tech from Cal Berkeley released. November 18, 2016.

CNET. Use your eyes, voice -- and thoughts -- to replace passwords. July 4, 2016.

Tech Republic. Is it time to replace passwords with passthoughts?. March 17, 2015.

CNBC. Replace Your Password With Brainwaves? Yes, Really. April 9, 2013.

UC Berkeley ISchool. New Research: Computers That Can Identify You by Your Thoughts. April 3, 2013.

Venturebeat. Brain drain: Your thoughts could soon replace passwords. April 8, 2013.