Scribd
Upload
39 views

2FA Project FINAL

The document describes a system that implements two-factor authentication and prevents brute force login attacks. It uses both a standard username and password as well as a graphical password. It also captures an attacker's face and emails the victim if too many failed login attempts are made.

Uploaded by

vasanthanv.ug20.it
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
39 views

2FA Project FINAL

The document describes a system that implements two-factor authentication and prevents brute force login attacks. It uses both a standard username and password as well as a graphical password. It also captures an attacker's face and emails the victim if too many failed login attempts are made.

Uploaded by

vasanthanv.ug20.it
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 18

ILLICIT LOGIN PREVENTION SYSTEM

USING
TWO FACTOR AUTHENTICATION (2FA)

Contributors: Vasanthan. V
Venkatesh. C
Sathish. M

Guided By: Mrs. C. Jean Celia Grace


ABSTRACT
 Traditional password-based authentication systems are vulnerable to attacks such as brute force attacks, where an
attacker can repeatedly attempt to log in with various passwords until they find the correct one.

 To mitigate this vulnerability, a two-factor authentication system is used, which requires users to provide two
forms of identification to access their accounts.

 In this project, we implement a two-factor authentication system that uses a combination of username and
password authentication and graphical password authentication.

 This project aims to enhance the security of user authentication systems by implementing two-factor authentication
using a combination of normal username and password authentication and graphical password authentication.

 In addition, the system also prevents brute force attacks by capturing the attacker's face using their webcam and
emailing the victim with the attacker's identity and information about the attack.
 Graphical passwords are a more secure alternative to traditional alphanumeric passwords, as they
are harder to guess and more difficult to brute force.
 In this system, the user selects a sequence of image locations that are randomly displayed on the
login screen.
 The user is required to click on the correct locations in the correct sequence to log in successfully.
 In addition to the two-factor authentication system, we also implement a mechanism to prevent
brute force attacks.
 This involves capturing the attacker's face using their webcam and emailing the victim with the
attacker's identity and information about the attack, including the time and login attempt count.
 Overall, the project aims to enhance the security of user authentication systems and provide a more
secure login mechanism that is resilient to attacks such as brute force attacks.
INTRODUCTION

 Modern world has provided us many techniques and mechanisms and either to use them in a positive
way or in a negative way is in our hands.
 This multilevel password technique consists of not only static password or the dynamic password but the
combination of both.
 Using this multifactor technique it is hard to crack the password because it consists of three different
security mechanisms.
 Those mechanisms are 1) text-based password 2) Image based authentication and Login Prevention from
Brute Force Attack
 This project propose a three level password technique which enhance the security system for maintaining
confidentiality of a system.
AIM AND OBJECTIVE
Aim:
The aim of the project is to enhance the security of online authentication and prevent
unauthorized access to online accounts. The project aims to prevent brute force attacks by
limiting the number of login attempts and tracking the number of unsuccessful attempts
made by an attacker.

Objective:
 To develop a secure and user-friendly graphical password authentication system

 To enhance the security of the system

 To make password more stronger and user friendly

 To reduce probability of guessing of password

 To prevent from guessing attack


TWO FACTOR AUTHENTICATION(2FA)

Two-factor authentication (2FA) is a security system that requires two


distinct forms of identification to access something. 2FA is also known as two-step verification
or dual-factor authentication. The first factor of 2FA is usually a password. The second factor
commonly includes a text with a code sent to your smart phone, or biometrics using your
fingerprint, face, or retina.2FA enhances the level of security within a system by requiring two
steps in order to verify a user.
EXISTING SYSTEM
 For the External Attacker: HPAKE provides the password leakage as well as
honeyword techniques.
 If the authentication server is compromised, the attacker will get a password
list.
 The attacker cannot tell which one is real and probably runs HPAKE with the
honeyword to compromise the account
 This will produce a honey session key, and the usage of the session key will
be detected and alarmed
 For the insider: HPAKE guarantees that the password plaintext is never left
from the client
 The Authentication is explicitly done by the key exchange

 And running with the real password will yield a real session key, and only the
instruction encrypted by the real session key will be allowed
 Therefore the server/insider cannot steal the password plaintext
PROBLEMS IDENTIFIED
 The Session Hijacking attack compromises the session token by stealing or predicting a
valid session token to gain unauthorized access to the Web Server.

 Depending on the targeted website, this can mean fraudulently purchasing items,
accessing detailed personal information that can be used for identity theft, stealing
confidential company data, or simply draining your bank account.

 It means that a successful attack can give the attacker access to multiple web
applications at once, including financial systems, customer databases, and storage
locations that contain valuable intellectual property.
SYSTEM REQUIREMENTS
Hardware Requirements
• Processors : Intel® Core™ i5 processor,8 GB of Ram
• DRAM Disk space : 320 GB
• Operating systems : Windows® 10, mac OS*, and Linux*

Software Requirements
• Server Side : Python 3.7.4(64-bit) or (32-bit)
• Client Side : HTML, CSS, Bootstrap
• IDE : Flask 1.1.1
• Back end : MySQL 5.
• Server : Wampserver 2i
MODULES DESCRIPTIONS
1. Login Preventer Web App
The design of the Login Preventer Web App module includes several components:
1.1. Front-end
The front-end of the web app will be designed using HTML, CSS, and JavaScript. It will include the login page where
the user can enter their username and password, as well as the graphical password authentication page where the user
can select their image sequence.
1.2. Back-end
The back-end of the web app will be designed using Python Flask framework. It will handle the authentication process
and the prevention of brute force attacks
1.3. Database
The database will be designed using MySQL. It will store user information, such as usernames, passwords, and
graphical password sequences.
CONCLUSION
 Two-factor authentication (2FA) adds an extra layer of security to online
accounts by requiring a second form of identification, such as a security code
or biometric factor. This extra layer of security makes it much harder for
attackers to gain access to a person's devices or online accounts. This project
explains details about login prevention using system two-factor
authentication.

You might also like