### Task Description

You are required to implement Python scripts to demonstrate the usage of the
following activities.

1.1. Assuming that a user enters a password e.g. Test1234, apply a password validation for a user input to login.
o The password should include capital and lowercase letters, a number and 8 to 12 characters.
o The password should have at least 2 capital or lowercase letters
o The password should not include any spaces
o You can use any predefined Python library or develop your scripts from scratch.

### 1.2. Assuming that a user enters a username e.g. admin and a password
Test1234, apply a password encryption and decryption strategy.
o Demonstrate an encryption-decryption use case for user name and password.
o Demonstrate an example of successful and unsuccessful login using any data input that you prefer.

### 1.3. Implement a multifactor authentication case using Python.

o Demonstrate the use of a multifactor authentication case in Python. For this example you will need to change the period interval to 25 seconds.

o Generate the following set of events in Python:
▪ Simulate a new one time pin,
▪ Then verify the user,
▪ Then wait for 30 seconds
▪ Then verify once more.

In [18]:
import re

def validate_login_password(password):
    
    if re.match(r'^(?=.*[a-zA-Z].*[a-zA-Z])(?=.*\d)[a-zA-Z\d]{8,12}$', password) and \
            sum(c.isalpha() for c in password) >= 2 and ' ' not in password:
        return True
    else:
        return False

# User enters a password for login
user_input_password = input("Enter your login password: ")

# Validate the entered password
if validate_login_password(user_input_password):
    print("Password is valid. Login successful.")
else:
    print("Invalid password. Login denied.")


Enter your login password:  Victoria 1


Invalid password. Login denied.


In [25]:
from cryptography.fernet import Fernet

# Generate a key for encryption and decryption
key = Fernet.generate_key()
cipher_suite = Fernet(key)

def encrypt(data):
    return cipher_suite.encrypt(data.encode())

def decrypt(data):
    return cipher_suite.decrypt(data).decode()

# Assume stored encrypted password for the user 'admin' is the encryption of 'Test1234'
stored_encrypted_password = encrypt("Test1234").decode()

def validate_login_credentials(username, entered_password):
    if username == "admin":
        entered_encrypted_password = encrypt(entered_password).decode()
        return entered_encrypted_password == stored_encrypted_password
    else:
        return False

# User enters a username and password for login
user_input_username = input("Enter your login username: ")
user_input_password = input("Enter your login password: ")

# Validate the entered credentials
if validate_login_credentials(user_input_username, user_input_password):
    print("Login successful.")
else:
    print("Invalid credentials. Login denied.")


Enter your login username:  admin
Enter your login password:  Test1234


Invalid credentials. Login denied.


In [13]:
pip install cryptography

Note: you may need to restart the kernel to use updated packages.


In [20]:
import re
from cryptography.fernet import Fernet

# Key generation for encryption and decryption
key = Fernet.generate_key()
cipher_suite = Fernet(key)

def encrypt(data):
    return cipher_suite.encrypt(data.encode())

def decrypt(data):
    return cipher_suite.decrypt(data).decode()

def validate_login_credentials(username, password):
    # Criteria: Capital and lowercase letters, a number, 8 to 12 characters
    # Condition: At least 2 capital or lowercase letters
    # Restriction: No spaces allowed
    if re.match(r'^(?=.*[a-zA-Z].*[a-zA-Z])(?=.*\d)[a-zA-Z\d]{8,12}$', password) and \
            sum(c.isalpha() for c in password) >= 2 and ' ' not in password:
        return True
    else:
        return False

# User enters a username and password for login
user_input_username = input("Enter your login username: ")
user_input_password = input("Enter your login password: ")

# Encrypt the entered password
encrypted_password = encrypt(user_input_password)

# Validate the entered credentials
if validate_login_credentials(user_input_username, user_input_password):
    print("Login successful.")
else:
    print("Invalid credentials. Login denied.")

# Demonstrate decryption (for illustration purposes)
decrypted_password = decrypt(encrypted_password)
print("Decrypted Password:", decrypted_password)


Enter your login username:  victoria
Enter your login password:  Victoria1234


Login successful.
Decrypted Password: Victoria1234


In [41]:
pip install pyotp

Collecting pyotpNote: you may need to restart the kernel to use updated packages.

  Obtaining dependency information for pyotp from https://files.pythonhosted.org/packages/c3/c0/c33c8792c3e50193ef55adb95c1c3c2786fe281123291c2dbf0eaab95a6f/pyotp-2.9.0-py3-none-any.whl.metadata
  Downloading pyotp-2.9.0-py3-none-any.whl.metadata (9.8 kB)
Downloading pyotp-2.9.0-py3-none-any.whl (13 kB)
Installing collected packages: pyotp
Successfully installed pyotp-2.9.0


In [16]:
import pyotp
import time

# Generate a secret key for TOTP
secret_key = pyotp.random_base32()
totp = pyotp.TOTP(secret_key, interval=25)

# Simulate a new one-time pin (OTP)
otp = totp.now()
print(f"Generated OTP: {otp}")

# Simulate verifying the user with the OTP
user_input_otp = input("Enter the OTP to verify: ")

if totp.verify(user_input_otp):
    print("Verification successful.")
else:
    print("Invalid OTP. Verification failed.")

# Wait for 30 seconds
time.sleep(30)

# Simulate generating a new OTP after waiting
new_otp = totp.now()
print(f"\nGenerated New OTP: {new_otp}")

# Simulate verifying the user with the new OTP
user_input_new_otp = input("Enter the new OTP to verify: ")

if totp.verify(user_input_new_otp):
    print("Verification successful.")
else:
    print("Invalid OTP. Verification failed.")


Generated OTP: 630985


Enter the OTP to verify:  630985


Verification successful.

Generated New OTP: 662638


Enter the new OTP to verify:  663638


Invalid OTP. Verification failed.
