University of Alabama at Birmingham. “Hackers could use brainwaves to steal passwords, study finds.” ScienceDaily. ScienceDaily, 1 July 2017. <www.sciencedaily.com/releases/2017/07/170701081756.htm>.

Research Question

The research question in this experiment is to determine if wearing an EEG headset while entering sensitive information increased the risk of PINs and passwords being stolen. By measuring brainwaves with the EEG headset, scientists tried to see if a program could then guess passwords for online accounts using the brainwave data.

Experimental Design

In this experiment, two different EEG headsets were used: one commercially available, and one used for scientific research. The headsets captured the brainwaves of the participants, which include information about eye, hand, and muscle movement. The twelve participants were comprised of 8 men and 4 women, half of which were above the age of 24 and came from a broad educational background. They were asked to enter a random string of numbers and letters to simulate a password and PIN number. This allowed the software to train itself on the user’s brain patterns. The researchers found that after analyzing the data from the EEG headset, the software was able to increase the odds from guessing a 4-digit PIN from 1 in 10,000 to 1 in 20. Additionally, it increased the odds of guessing a 6 character password from 1 in 500,000 to 1 in 500. A potential way to improve this experiment would be to increase the sample size to obtain more accurate data.