BIRMINGHAM, ALABAMA — A new study shows hackers could learn your passwords by using algorithms to learn the patterns of brainwaves through the use of EEG headsets. <br /> <br />When typing, a user’s inputs correspond with their visual processing, hand, eye and head muscle movements. These movements are all captured by EEG headsets. <br /> <br />Researchers at the University of Alabama at Birmingham designed an experiment that required 12 users to type randomly generated passwords into a text box repeatedly while wearing an EEG headset. After typing 200 characters, an algorithm was able to make educated guesses about new characters based on the brainwave pattern. <br /> <br />The algorithm was able to increase the odds of guessing a four-digit numerical PIN from one in 10,000 to one in 20 and the odds of guessing a six-letter password from one in 500,000 to roughly one in 500. <br /> <br />“In a real-world attack, a hacker could facilitate the training step required for the malicious program to be most accurate, by requesting that the user enter a predefined set of numbers in order to restart the game after pausing it to take a break, similar to the way CAPTCHA is used to verify users when logging onto websites,” Nitesh Saxena, associate professor at the University of Alabama at Birmingham said in a press release. <br /> <br />For example, a person who pauses a video game to log into his or her bank account while wearing an EEG headset would be at risk of leaking their passwords. <br /> <br />Several robotic gadgets and video games can be controlled by brainwaves through EEG headsets. Facebook is also developing mind-reading technologies that can allow users to type from the brain.
