It is well appreciated by experts and end-users alike that strong authentication is critical to cybersecurity and privacy, now and into the future. The currently dominant method of authentication in consumer applications, single-factor authentication using passwords or other user-chosen secrets, faces many challenges. Major industry players such as Google and Facebook have strongly encouraged their users to adopt two-factor authentication (2FA). However, submitting two different authenticators in two separate steps has frustrated wide adoption due to its additional hassle to users. In previous work, ”one-step two-factor authentication” has been proposed as a new approach to authentication that can provide the security benefits of two factor authentication without incurring the hassle of two-step verification. Researchers at UC Berkeley have created a one step, three-factor authentication. In computer security, authenticators are classified into three types: knowledge factors (e.g., passwords and PINs), possession factors (e.g., physical tokens, ATM cards), and inherence factors (e.g., fingerprints and other biometrics). By taking advantage of a physical token in the form of personalized earpieces, the uniqueness of an individual’s brainwaves, and a choice of mental task to use as one’s passthoughts, they have achieved all three factors of authentication in a single step by the user.