Passwords are on the way out: they're difficult to remember, easy to crack, and offer up a relatively simple way for other people to get at your sensitive data. Imagine a prisoner being let out of the jail gates just because he knows the security phrase of the day - and not because he looks anything like a prison guard.

That's why technology firms and scientists are working hard on alternative solutions that are based around biometrics. The fingerprint sensor you might have on your phone is perhaps the best example: it takes no effort to 'remember' your fingerprint, but it's very difficult to replicate or steal if you're not who you say you are (Mission: Impossible films aside).

Now scientists working at Binghamton University think they've found a suitable replacement for the password: a brain scan. The system they've developed, called Brainprint, uses an electroencephalogram (EEG) cap and then presents a succession of 500 images to the user at the rate of two per second - by studying the brain's responses to these pictures, the associated software is able to pick out one person in 30 with 100 percent accuracy.

No one's about to start shipping laptops with EEG caps any time soon, but if this technology can be refined and improved upon, it could eventually provide an ultra-secure way of confirming someone's identity that would be almost impossible to spoof (Tom Cruise et al., take note). Of course, for the system to work, it needs to know how you react to particular images in the first place so it can correctly identify matches.

The images themselves are designed to elicit definitive emotional responses, and include pictures of a slice of pizza, a boat, sushi, actor Anne Hathaway, and the word "conundrum".

"When you take hundreds of these images, where every person is going to feel differently about each individual one, then you can be really accurate in identifying which person it was who looked at them just by their brain activity," said lead researcher Sarah Laszlo.

In order to test the security of Brainprint, its makers have been trying to fool it. One method involved flashing light at the same frequency at two people to see if their brains would become more 'synchronised' in the way they thought; the test was unsuccessful though, and Brainprint remains unhackable for the time being. The theory is that if you were being forced to use the system at gunpoint or under duress, the activity of your brain would change and you wouldn't be able to gain access.

"The key idea is that we want to identify and recognise the individual person based on their inside thinking," said one of the team, engineer Zhanpeng Jin. "Inside-brain activity is not visible to anyone else. Even more exciting is that we want to use a non-volitional response. That means even the user cannot be aware of it."

The results of the first test of Brainprint were published in the journal Neurocomputing last summer, but the system has been further refined in the meantime.