BIRMINGHAM, Alabama (CBS) — A new study shows hackers could learn your passwords by using algorithms to learn the patterns of brainwaves through the use of EEG headsets.
When typing, a user’s inputs correspond with their visual processing, hand, eye and head muscle movements. These movements are all captured by EEG headsets.
Researchers at the University of Alabama at Birmingham designed an experiment that required 12 users to type randomly generated passwords into a text box repeatedly while wearing an EEG headset. After typing 200 characters, an algorithm was able to make educated guesses about new characters based on the brainwave pattern.
The algorithm was able to increase the odds of guessing a four-digit numerical PIN from one in 10,000 to one in 20 and the odds of guessing a six-letter password from one in 500,000 to roughly one in 500.
“In a real-world attack, a hacker could facilitate the training step required for the malicious program to be most accurate, by requesting that the user enter a predefined set of numbers in order to restart the game after pausing it to take a break, similar to the way CAPTCHA is used to verify users when logging onto websites,” Nitesh Saxena, associate professor at the University of Alabama at Birmingham said in a press release.
For example, a person who pauses a video game to log into his or her bank account while wearing an EEG headset would be at risk of leaking their passwords.
Several robotic gadgets and video games can be controlled by brainwaves through EEG headsets. Facebook is also developing mind-reading technologies that can allow users to type from the brain.