The employment of Electroencephalography (EEG) in the User Authentication (UA) scientific research has recently unlocked state-of-the-art experimentation, aiming at identifying and authenticating individuals given their brainiac activity within specific contexts of use. Indeed, utilizing EEG signals that are derived from brainiac activities can be used for tackling existing UA security threats such as shoulder surfing, thus providing a novel solution to contemporary security problems in traditional knowledge-based user authentication. In this survey, we aim to complete previous literature surveys by providing a systematic classification and presentation of existing research that is based on the following pillars: a) the user experimental setup, with an emphasis on the applied EEG-acquisition protocols (e.g., rest, external stimuli driven, mental and hybrid); b) the artificial intelligence techniques employed and finally c) the security and privacy preservation aspects. The reviewed papers cover a broad area of experiment protocols and various algorithms used for EEG signal classification. Moreover, most cited works include results from more than one experiments with different approaches and configurations. This leads to a discussion on best practices for EEG-based User Authentication and conclusions suggesting future research directions that consists, among others, of considering homomorphically encrypted biometric templates for information leakage prevention through federated learning approaches in decentralized architectures. We anticipate that the present literature review will provide a roadmap for future research by considering efficiently and effective EEG-based User Authentication methods while at the same time preserving privacy.