paper examined the design and implementation of a two-factor authentication
login system using OTP with SMS. The quest for the application of tighter
security measures to web, desktop and mobile applications developed has been a
major concern to a lot of people. Faced with the challenges of poor security
and vulnerability of users, resulting to applications being hacked by unauthorized
people, the researcher delved into developing a more secured login application
that sends a secret passcode to the registered phone number of a user for
identification purpose. The aim of the application is basically to ensure that
users are safe, and all logins are authorized. The application was developed
with PHP, MYSQL, CSS, BOOTSTRAP AND HTML technologies.
the development of science and technology and means of storage and exchange of
information in different ways, or so-called transfer of data across the network
from one site to another site, became to look at the security of data and
information is important; we need to provide protection for the information of
the dangers that threaten them or attack them through the use of tools to
protect information from internal or external threats. In addition to the
procedures adopted to prevent access information into the hands of unauthorized
persons through communications and to ensure the authenticity of these
Today security concerns are on the
ascent in all areas. Most systems today rely on static passwords to verify the
user’s identity. Users have a propensity to use obvious passwords, simple
password, easily guessable password and same password for multiple accounts,
and even write their passwords, store them on their system or asking the
websites for remembering their password etc. Utilization of static passwords in
this expanded dependence on access to IT systems progressively presents
themselves to Hackers, ID Thieves and Fraudsters. In addition, hackers have the
preference of using numerous techniques / attacks such as guessing attack,
shoulder surfing attack, dictionary attack, brute force attack, snooping
attack, social engineering attack etc. to steal passwords so as to gain access
to their login accounts. Quite a few techniques, strategies for using passwords
have been proposed but some of which are especially not easy to use and
practice. To solve the password problem in banking sectors and also for online
transaction two factor authentications using OTP and ATM pin / cards have been
OF THE STUDY
The project aims and objectives that
will be achieved after completion of this project are discussed in this
subchapter. The aims and objectives are as follows:
1. Avoid the risks related to the use
2. Limit the unauthorized access to
3. Verification of the person requesting
access to the system.
4. Building authentication process with
5. To take advantage of users smartphone’s
OF THE PROBLEMS
In recent years, increased interest
institutions and organizations in the security aspects of their networks and
systems, and among these aspects to verify that the person requesting access to
the system that he is the person who claims that he/she is, this process called
Authentication, in most systems are using a password only to access the system
for login process. Below are some problems and risks for the use of password in
the user authentication process:
1. Recently it became Breakthroughs
systems, websites and personal accounts are a large and different ways, because
of weak protection of those systems methods so it was necessary to find ways
more secure to protect those systems.
2. Passwords become easier to guess.
3. Short passwords are easy to guess and
4. Equipment and software often has
standard pre-configured passwords (default passwords).
5. Most people they have many account use
same password for all these accounts.
OF THE STUDY
With the development of computer
science progressed accordingly ways to hack, and different ways plus
sensitivity of data; as a result, the greater the need to find solutions to
overcome the weaknesses those hackers exploits it, we will give a proposal for
two level user authentications to access the system.
SCOPE OF THE STUDY
two way mobile authentication system is an innovative technology used to solve
the existing problems of the present one factor authentication which is a
simple username and a password. The two way mobile authentication solves this
problem by using a strong authentication with the combination of ―something you
―something you have‖ and ―something you are‖. When compared the
above three methods individually, all the methods have some vulnerabilities.
Something you know—may
be shared, something you have –may be stolen and something you are stronger but
it is expensive to use in all the cases. So the combination provides a stronger
project is aimed towards the realization of a strong two factor authentication
using mobile device to
with a cost effective and user friendly authentication.
the use of a simple username and password system which is not secure anymore.
the mobile as your authentication token.
to use any existing applications on web.
additional use of hardware.
1. Authentication: the process or action of proving or
showing something to be true, genuine, or valid.
2. System: Physical component of a computer that is used to
perform certain task.
3. Data: Numbers, Text or image which is in the form
suitable for Storage in or
processing by a computer, or incomplete information.
4. Information: A meaning full material derived
from computer data by organizing it and interpreting it in a specified way.
5. Input: Data entered into a computer for storage or
6. Output: Information produced from a
computer after processing.
7. Information System: A set of interrelated components
that collect (or retrieve), process, store and distribute information to
support decision making and control in an organization.
8. Computer: Computer is an electronic device that
accepts data as Input, processes data and
gives out information as output
to the user.
9. Software:-Software is set of related programs
that are designed by the manufacturer to control the hardware and to enable the
computer perform a given task.
- Hardware is a physical part of a
computer that can be touched, seen, feel which are been control by the software
to perform a given task.
- Database is the collection of related
data in an organized form.
- programming is a set of
coded instruction which the computers understands and obey.
-Technology is the branch of knowledge
that deals with the creation and use technical and their interrelation with
life, society and the environment, drawing upon such as industrial art,
engineering, applied science and pure science.
Algorithm : A set of logic
rules determined during the design phase of a data matching application. The
‘blueprint’ used to turn logic rules into computer instructions that detail
what step to perform in what order.