The age of the password is gone. But have we realized that yet?
In the modern age of technology, passwords were introduced to us as a means of protecting our personal information and data from unauthorized access. Today, passwords are used in almost all aspects of our digital life. Our email, Our bank account, Our address, contact details and credit card number, Photos and videos of us, our family and other sensitive personal information, The exact location where we are right now. All these are protected using a sequence of words and numbers, including mixed case letters and different symbols. Since the dawn of the age of information, we were given the idea that a ‘password’, as long as it is elaborated complex and long enough and when having a mix of alphabetical letters, symbols and numeric, is a sufficient means of protecting and safeguarding all our precious and infinitely valuable personal /Business data and information.
But, are passwords doing their intended job?
In a time in which Advanced computer systems are broken into by hackers and crackers and long lists of usernames and passwords are released into the public network of internet for the entire world to see; a time where computer systems ranging from the ones sitting at your home to the most secure advanced computer systems on earth such as pentagons computer system which is guarded by many means such as proxy tunneling, firewalls (physical as well as virtual) are hacked into, it has now been indefinitely proven over time that passwords can no longer protect us – no matter how complex, no matter how unique, the final verdict is clear as crystal– any password can be broken by the modern e-wizards in no time.
Today we have so many accounts everywhere reaching all corners of the virtual world as a result of the requirement to have a profile in most of the websites in order for us to enjoy its services –This ranges from profiles of ourselves in every social network that is available which contains almost all of our private information from the time we wake up to how our birthday suit looks like to bank accounts, credit cards which determines the future of our life and our grandchildren even to, third part transaction processing sites such as PayPal accounts, and the ultimate hub of all our connections the most precious email addresses of ours. It is quite a common knowledge that for a password a string of mixed cased words and numbers and symbols should be used in order to make the password more secure and difficult to break. But this often results in people forgetting the exact password. When you don’t remember the password exactly, a new problem arises – you cannot log into your account and after a few tries, the account is locked down. All of us do have at least one experience in such an incident and in a rather rare occasion, one might even go so far as to call passwords “a nuisance”. In this modern world where everything and everyone are always in a hurry for something; a world in which one might possibly tell that it’s a hardship having to recall passwords so often. Whether everyone would agree to such sayings would be a different matter; but the obvious thing happening in the world is most people tend to use the same password in several accounts they own and also the manner in which we chain all these, with our email address becoming the universal username, creates one single failure point and that single point can be exploited by active as well as passive intruders giving devastating results. All a hacker has to do is crack the password to our email account and he thereby gets access to all our precious data – from the happenings in our life on social networks to complete our bank account and credit or debit card. So, therefore, it has quite conclusively been proved over time that passwords cannot protect us any longer. It is high time we think of other alternatives.
Then what would be the alternative?
As soon as the words ‘alternative for a password’ are heard, a rather surprising array of options pops up. Products which use a form of biometric technology are among the top in these options. Well, don’t be amazed after all the lazy concepts of biology apply here as well. The reason as to why we should use them is that users do not have to remember painfully long and complex passwords which are prone to be forgotten and eventually lost resulting in the loss of all our accounts. Existing biometric scanners, however, uses single factor authentication and the opinion of experts who have studied this broadly that single factor authentication might not be secure enough. This is where ‘multi-factor authentication’ comes in. But the problem with multi-factor authentication is that it is not the easiest to develop and certainly does not qualify as the cheapest. It seems like no relief for the underprivileged man from any front whatsoever. In theory, true must factor authentication means, the person trying to be authenticated must become validated in at least 2 out of the three categories given below:
- Knowledge – Something only the user knows (something like a password)
- Possession – Something only the user can have (something like a credit card)
- Inherence – Something only the user is (for example like biometrics)
The basic theory for more secure authentication in this method is, the more the number of factors, validated by this method the more secure and ensured the authentication will be. This method of authentication is used even at present. Now don’t be surprised, yes, it is used in the present also even if we have not noticed it. Remind yourself about the procedure you go through when you register yourself to a mobile banking app or even email. First, you insert a unique password and a unique username. Then there comes a time when you have to enter a PIN number either given to you from your financial institution, e.g. -bank (in the case of a mobile banking app) or sent to your mobile device. Here 2 of the above factors are checked for authentication. But such methods of authentication take a few steps and ideally multi-factor authentication should be able to check for multiple factors in just one single step.
So where does ‘brain prints’ come on all of this?
A ‘brain print’ is an authentication method which is the naturally multi-factor and everything is done in one single step. What a brain print does is it converts the activity in your brain to a biometric identifier. The same way in which your DNA, fingerprint or retina is unique, the brainwaves generated by your brain seem to be unique and can be used as a means of identifying you. Now you’d be wondering if what those occultists were saying all this time is true. Well, at least in this they are. In this particular case if you want to log into a computer or to prove your identity.
The latest research has proven to have devised a method to verify a person’s identity based on how their brain responds to certain acronyms like VCR or FBI. This research observed the brain signals of a group of people as they read out commonly known acronyms and recorded the brain’s reaction to those words. Recording of readings of each person’s brain’s electrical activity – an electroencephalogram or better known for the general public as EEG was taken and according to the observations made, the area of the brain responsible for reading and recognizing words reacted differently to each acronym where the reaction was unique to each person. The reaction was so unique that the computer was able to identify each person with a 94% accuracy rate. Of course, a 94% accuracy rate was not enough for brain prints being a practical technique in the real world. But brain prints did show some promise and researchers who are extensively researching on brain prints are now concentrating on trying out new ideas to boost the accuracy of brain prints and maybe reach the 100% accuracy rate in the near future. One such path would be to increase the accuracy was to show pictures of polarizing celebrities and pictures of food that most tend to like and food that was generally avoided by most – the idea behind this being polarizing image might have a more specific effect on the brain electrical reaction and thereby generate more specific and unique individual brain prints. Also, brain prints did not disappoint the researchers when it came to long-term sustainability as the exact same results were obtained when the same experiment was conducted 6 months later under the same test conditions.
Basically, the way brain prints work is that whenever you want to log into your computer system or your accounts, all you need to do is to think of the password and the biometric technology of ‘brain prints’ will handle the rest.
The researchers say their findings suggest that a person’s unique ‘brain print’ could be used by security systems in the future for the purpose of authentication. The brain print would undoubtedly have a huge advantage over the currently prevailing traditional ‘passwords’ and other biometric methods like retina scans, DNA’s and thumbprints, all of which can be stolen. In the case where someone’s fingerprint is stolen, that person cannot ‘grow’ a new finger in place of the compromised finger or ‘reset’ the compromised fingerprint-like we do today when we think our Facebook accounts have been compromised. That sounds like a scene from a tom cruise movie, but that can happen in the real world as well. The fingerprint, therefore, once compromised will mean forever compromised. But according to the research done on brain prints, unlike fingerprints, brain prints have the potential to be modified or reset as the user wants. So despite the unlikely event in which an intruder is able to steal a brain print from an authorized user, that authorized user could ‘reset’ their brain print whenever they want though the procedure is bitten complex still.
Brain prints are also said to be potent immune to blackmail or the scenario where a gun is pointed at your head, as the manner in which the brain reacts to changes when it is under stress. Now that’s bad news for all the guys over there who plans to steal the bank by pointing a gun at the bank manager’s head So therefore, unless someone devises a way to mimic the unique and identical brainwaves of an individual, brain prints are almost immune to every threat.
So are ‘brain prints’ the future of authentication?
Research has indeed proved that brain prints hold a lot of promise in the area of authentication. They are, however, unlikely to be used in low-level user applications anytime in the near future. But brain prints being used instead of passwords in high-security computer systems would be a likely possibility, especially in places with a very high level of security, such as the Pentagon where certain access levels are open only for a few authorized users.
Will brain prints ever replace passwords for authentication in our day-to-day access to email or twitter?
Probably yes. In this ever growing age of information where technological advancements progress at breakneck speed, it is highly unlikely that passwords will not be replaced by something far more advanced. Even at this very moment, incidents and personal experiences tell us the age of passwords is almost over, but on a global perspective, it seems mankind has still not realized this. But with ‘brain prints’, the abandoning of mere ‘passwords’ and the dawn of a new age of a far more secure and advanced authentication has begun. So be ready to say goodbye to your old passwords and be ready to embrace the novel concept of brain print.