This is the implementation of the system described in TOTP Based Authentication Using QR Code for Gateway Entry System
The primary objective of this research project is to introduce a secure authentication method for gateway entry system that complements the one currently in use. The proposed system will use QR code, Time-based-One-Time-Password (TOTP) and Biometrics with the aim of increasing the security and reducing the cost of the system.
Registration - Complete registration process.
Successful Entry - Access is granted when App is used.
Unsuccessful Entry - When a screenshot of an earlier QR code is used, access is denied.
Website - Site used for Verification.
- The user is required to enter the authorised email ID and password in order to login. First time users need to register in order to proceed.
- After registration, a verification email is sent to the authorised email ID. Upon verification, the user is allowed to login.
- Once login is done, the shared secret key is sent to the user and also stored in the app. This key is used to generate the TOTP which is embedded in the QR code.
- The QR code is then scanned using a QR code scanner. This TOTP is then compared with the TOTP generated in the server.
- If both the TOTPs match, then the user is allowed to enter, otherwise entry is not allowed.