A secure authentication system that combines biometric authentication (simulated fingerprint) with two-factor authentication (TOTP) for enhanced security.
- 🔐 Biometric authentication using simulated fingerprints
- 🔑 Two-factor authentication using TOTP (Time-based One-Time Password)
- 🔒 Encrypted storage of sensitive data
- 📱 QR code generation for easy authenticator app setup
- 👥 User management (registration, authentication, listing, deletion)
- PBKDF2 hashing with SHA-256 for biometric data
- Fernet symmetric encryption for sensitive data
- Salt-based hashing to prevent rainbow table attacks
- Secure random key generation
- Nonce-based encryption to prevent replay attacks
- Python 3.8 or higher
- pip (Python package installer)
- Clone the repository:
  ```bash
  git clone <repository-url>
  cd bioapp
  ```
- Install required packages:
  ```bash
  pip install numpy pyotp qrcode cryptography pillow
  ```
- Run the application:
  ```bash
  python main.py
  ```
- Available Options:
  - 1️⃣ Register User: Create a new user with biometric and 2FA
  - 2️⃣ Authenticate User: Login with existing credentials
  - 3️⃣ View All Users: List all registered users
  - 4️⃣ Delete All Users: Remove all user data (requires confirmation)
  - 5️⃣ Exit: Close the application
- Select option 1 to register a new user
- Enter your desired username
- The system will:
  - Generate a simulated fingerprint
  - Create a secure hash
  - Generate a TOTP secret
  - Display a QR code
- Scan the QR code with Google Authenticator or Authy
- Save the manual entry code as backup
- Select option 2 to authenticate
- Enter your username
- The system will verify your biometric data
- Enter the TOTP code from your authenticator app
- If both verifications pass, you're authenticated
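
The two checks in the authentication steps above, sketched with the Python standard library only. This is an added example, not the project's code: the function names and the PBKDF2 iteration count are assumptions, and it uses `hashlib`/`hmac` where the project installs `pyotp` and `cryptography`. Exact-match hashing of the template works only because the simulated fingerprint is seeded and therefore identical on every run.

```python
import hashlib, hmac, os, random, struct, time

PBKDF2_ITERATIONS = 600_000  # assumed; the README does not state the project's count

def simulated_fingerprint(username, dims=128):
    """Seeded pseudo-random feature vector: same username -> same vector."""
    rng = random.Random(username)
    return [round(rng.random(), 6) for _ in range(dims)]

def hash_template(features, salt=None):
    """Return (salt, PBKDF2-HMAC-SHA256 digest) of the serialized vector."""
    salt = salt or os.urandom(16)
    data = struct.pack(f"{len(features)}d", *features)
    return salt, hashlib.pbkdf2_hmac("sha256", data, salt, PBKDF2_ITERATIONS)

def verify_template(features, salt, expected):
    _, digest = hash_template(features, salt)
    return hmac.compare_digest(digest, expected)  # constant-time comparison

def totp(secret, at=None, digits=6, step=30):
    """RFC 6238 TOTP with HMAC-SHA1, the variant authenticator apps default to."""
    counter = int((time.time() if at is None else at) // step)
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def verify_totp(secret, code, at=None, window=1, step=30):
    """Accept the current step and `window` steps either side for clock drift."""
    now = time.time() if at is None else at
    return any(
        hmac.compare_digest(totp(secret, now + i * step, step=step).encode(), code.encode())
        for i in range(-window, window + 1)
    )

def authenticate(features, salt, stored_hash, secret, code, at=None):
    """Both factors must pass; both are always evaluated before deciding."""
    bio_ok = verify_template(features, salt, stored_hash)
    otp_ok = verify_totp(secret, code, at)
    return bio_ok and otp_ok
```

A template that differs in a single feature value produces a different digest, which is why this scheme cannot be carried over unchanged to noisy readings from real biometric hardware.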
- Biometric Module (`biometric.py`)
  - Simulates fingerprint generation
  - Uses seeded random numbers for consistency
  - Generates 128-dimensional feature vectors
- Encryption Module (`encryption.py`)
  - Uses Fernet (AES-128-CBC) encryption
  - Implements secure key generation
  - Provides data encryption/decryption
- Hashing Module (`hashing.py`)
  - Implements PBKDF2 with SHA-256
  - Uses salt-based hashing
  - Provides hash verification
- TOTP Module (`totp.py`)
  - Implements RFC 6238 TOTP standard
  - Generates secure random secrets
  - Provides code verification
- Authentication Module (`auth.py`)
  - Manages user registration and authentication
  - Handles data storage and retrieval
  - Implements QR code generation
- User data is stored in `users.json`
- Sensitive data is encrypted before storage
- Biometric hashes are salted and encrypted
- TOTP secrets are stored securely
- Biometric Data
  - Simulated for demonstration
  - In production, use actual biometric hardware
  - Data is hashed and encrypted
- Two-Factor Authentication
  - Uses standard TOTP implementation
  - Compatible with Google Authenticator
  - Supports backup codes
- Data Protection
  - All sensitive data is encrypted
  - Uses secure random number generation
  - Implements salt-based hashing
- Biometric simulation is for demonstration only
- No password protection for user data
- Single-factor biometric authentication
- No rate limiting implemented
- Add actual biometric hardware support
- Implement rate limiting
- Add password protection
- Support multiple biometric factors
- Add user session management
- Implement backup/recovery options
- Fork the repository
- Create a feature branch
- Commit your changes
- Push to the branch
- Create a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
This is a demonstration project. For production use:
- Implement proper biometric hardware
- Add additional security measures
- Conduct security audits
- Follow security best practices