A secure login system that combines password authentication with two-factor verification for enhanced account protection.
A secure authentication system that protects user accounts by combining password-based login with two-factor authentication. It verifies user identity through an additional one-time code, which reduces unauthorized access and improves data protection. It is a Python desktop application that implements real-world security practices such as bcrypt password hashing, email-based OTP verification, and Two-Factor Authentication (2FA), with a modern GUI.
This project is suitable for:
- Final Year Project (FYP)
- Cyber Security / Python Portfolio
- Secure Desktop Application Demonstration
- Authentication System Learning
This application provides a secure login and registration system with:
- Modern desktop GUI (Dark / Light Mode)
- Hashed password storage (bcrypt)
- OTP-based login verification
- Database-backed authentication
- Real-world security workflow
The system ensures that even if a password is compromised, login is impossible without OTP verification.
- Secure user registration & login
- bcrypt password hashing (no plain-text passwords)
- Password strength indicator with color-based feedback
- Input validation with user-friendly messages
- Email-based One-Time Password (OTP)
- OTP validity with expiration
- OTP verification screen before dashboard access
- Secure OTP storage and verification logic
- Desktop application (Python)
- Modern GUI using CustomTkinter
- Dark & Light mode support
- Smooth screen transitions
- Splash screen (optional)
- SQLite database
- Structured tables:
  - users
  - otp_sessions
  - security_logs
- Unique email constraint
- Secure database handling
- User profile display
- Last login time
- Security status
- Logout functionality
| Category | Technology |
|---|---|
| Language | Python 3.10+ |
| GUI | CustomTkinter |
| Database | SQLite |
| Security | bcrypt |
| OTP | pyotp |
| Email | smtplib (SMTP) |
| Architecture | Modular (MVC-style) |
```bash
git clone https://github.com/SyedShaheerHussain/Secure-Login-System-with-2FA-GUI-.git
cd SecureLoginSystem
python -m venv venv
source venv/bin/activate # Linux / Mac
venv\Scripts\activate # Windows
python main.py
```
The application will:
- Initialize database tables automatically
- Open the Login screen
- Allow new user registration

- User opens Sign Up
- Enters:
  - Username
  - Email
  - Strong Password
- Password is hashed using bcrypt
- User is saved in the database
- User proceeds to login

- User enters email + password
- Password is verified
- OTP is generated
- OTP is sent to user's email
- User enters OTP on OTP screen
- OTP is verified
- Dashboard opens
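
The OTP steps of the login flow above (generate, store, expire, verify once), as an added example that is not the project's own code and uses only the Python standard library. The `otp_sessions` column names, the 300-second lifetime and the five-attempt cap are assumptions; hashing a 6-digit code only keeps it out of the database in plain text, so the expiry and the attempt cap are what limit guessing.

```python
import hashlib
import hmac
import secrets
import sqlite3
import time

OTP_TTL_SECONDS = 300  # assumed lifetime; the README only says the OTP expires
MAX_ATTEMPTS = 5       # assumed cap on wrong guesses per issued code

def init_db(conn):
    # Table name is from the README; the columns are assumptions.
    conn.execute("CREATE TABLE IF NOT EXISTS otp_sessions (email TEXT PRIMARY KEY, "
                 "salt BLOB, otp_hash BLOB, expires_at REAL, attempts INTEGER)")

def _digest(salt, otp):
    # Salted hash: the code itself is never written to the database.
    return hashlib.sha256(salt + otp.encode()).digest()

def issue_otp(conn, email, now=None):
    """Store a salted hash of a fresh 6-digit code; return the code for emailing."""
    now = time.time() if now is None else now
    otp = f"{secrets.randbelow(10**6):06d}"  # CSPRNG, not random.randint
    salt = secrets.token_bytes(16)
    conn.execute("INSERT OR REPLACE INTO otp_sessions VALUES (?, ?, ?, ?, 0)",
                 (email, salt, _digest(salt, otp), now + OTP_TTL_SECONDS))
    conn.commit()
    return otp

def verify_otp(conn, email, candidate, now=None):
    """True only for a correct, unexpired, not-yet-used code."""
    now = time.time() if now is None else now
    row = conn.execute("SELECT salt, otp_hash, expires_at, attempts "
                       "FROM otp_sessions WHERE email = ?", (email,)).fetchone()
    if row is None:
        return False
    salt, otp_hash, expires_at, attempts = row
    usable = now <= expires_at and attempts < MAX_ATTEMPTS
    ok = usable and hmac.compare_digest(_digest(salt, candidate), otp_hash)
    if ok or not usable:  # verified, expired or exhausted: delete so it cannot be reused
        conn.execute("DELETE FROM otp_sessions WHERE email = ?", (email,))
    else:
        conn.execute("UPDATE otp_sessions SET attempts = attempts + 1 WHERE email = ?", (email,))
    conn.commit()
    return ok

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    init_db(db)
    code = issue_otp(db, "alice@example.com")  # constructed address
    print([verify_otp(db, "alice@example.com", code) for _ in range(2)])
```
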
📧 OTP Email Configuration
Important
Why?
For security reasons, email credentials are NOT included in the project.
- Google Account → Security
- Enable 2-Step Verification
- Google Account → Security → App Passwords
- App: Mail
- Device: Windows
- Generate password
```python
EMAIL_ADDRESS = "your_email@example.com"  # placeholder: the sender's address
EMAIL_PASSWORD = "your_app_password_here"
SMTP_SERVER = "smtp.gmail.com"
SMTP_PORT = 465
```
Important
- Passwords are never stored in plain text
- OTP expires after limited time
- Email credentials are excluded from repository
- User email is unique (prevents duplicate accounts)
- Modular codebase for easy extension
- Google Authenticator (TOTP) support
- OTP resend timer
- Account lockout after failed attempts
- Login history & device info
- Password reset via email
- Admin panel
Note
This project is created for educational and portfolio purposes.
Before using in production:
- Load credentials from environment variables
- Use an encrypted database
- Implement HTTPS for network-based versions
© Syed Shaheer Hussain Python | Cyber Security | Secure Systems
If you like this project:
Star ⭐ the repository
Fork 🍴 it
Share with others