Usually it’s a problem when you can’t remember a password. But in this particular case, it’s by design. A new security technique mashes up cryptography with neuroscience to create passwords that are stored in users’ brains but cannot be recalled, recited, or otherwise extracted by another party.
The system is based on an idea known as implicit learning, in which the brain subconsciously learns a pattern without consciously recognizing it. In tests, Stanford University researchers put test subjects in front of a computer game in which they had to catch falling objects on the screen by pressing a key, with each key corresponding to one of six positions on the screen.
|Build a Portable Password Generator|
|Forget Your Password? Try Your Finger|
|A DIY UAV That Hacks Wi-Fi Networks, Cracks Passwords, and Poses as a Cell Phone Tower|
Two weeks later, they still made fewer errors when the sequence was introduced into the game. Their brains remembered the sequence even though none of them could identify the sequence if asked. The idea could form a security scheme in which an authorized person is embedded with a sequence in an initial session and then asked to play the game to authenticate him- or herself later. Previous studies have shown that sequences learned implicitly simply can’t be recalled or understood by the brain, so there’s no way the person could willingly or unwillingly give up their authenticating password, yet it could be used to authenticate them time and time again.