Loading repository data…
Loading repository data…
SyedShaheerHussain / repository
A secure authentication system that combines password login with one-time two-factor verification to protect accounts and prevent unauthorized access.
A secure login system that combines password authentication with two-factor verification for enhanced account protection.
A secure authentication system that protects user accounts using password-based login combined with two-factor authentication. It enhances security by verifying user identity through an additional one-time code, reducing unauthorized access and improving data protection. A Python-based Desktop Secure Authentication System implementing real-world security practices such as bcrypt password hashing, email-based OTP verification, and Two-Factor Authentication (2FA) with a modern GUI.
.png)
.png)
.png)
.png)
.png)
.png)
This project is suitable for:
This application provides a secure login and registration system with:
The system ensures that even if a password is compromised, login is impossible without OTP verification.
usersotp_sessionssecurity_logs| Category | Technology |
|---|---|
| Language | Python 3.10+ |
| GUI | CustomTkinter |
| Database | SQLite |
| Security | bcrypt |
| OTP | pyotp |
| smtplib (SMTP) | |
| Architecture | Modular (MVC-style) |
git clone https://github.com/SyedShaheerHussain/Secure-Login-System-with-2FA-GUI-.git
cd SecureLoginSystem
python -m venv venv
source venv/bin/activate # Linux / Mac
venv\Scripts\activate # Windows
python main.py
The application will:
Initialize database tables automatically
Open the Login screen
Allow new user registration
User opens Sign Up
Enters:
Username
Strong Password
Password is hashed using bcrypt
User is saved in the database
User proceeds to login
User enters email + password
Password is verified
OTP is generated
OTP is sent to user's email
User enters OTP on OTP screen
OTP is verified
Dashboard opens
📧 OTP Email Configuration
[!Important] ⚠️ OTP will NOT work unless email settings are configured manually by the user.
Why?
For security reasons, email credentials are NOT included in the project.
Google Account → Security
Enable 2-Step Verification
Google Account → Security → App Passwords
App: Mail
Device: Windows
Generate password
EMAIL_ADDRESS = "your_email@gmail.com"
EMAIL_PASSWORD = "your_app_password_here"
SMTP_SERVER = "smtp.gmail.com"
SMTP_PORT = 465
[!Important]
⚠️ Never use your real Gmail password
⚠️ Always use App Password
Passwords are never stored in plain text
OTP expires after limited time
Email credentials are excluded from repository
User email is unique (prevents duplicate accounts)
Modular codebase for easy extension
Google Authenticator (TOTP) support
OTP resend timer
Account lockout after failed attempts
Login history & device info
Password reset via email
Admin panel
[!Note] This project is created for educational and portfolio purposes.
Before using in production:
- Use environment variables
- Use encrypted database
- Implement HTTPS for network-based versions
© Syed Shaheer Hussain Python | Cyber Security | Secure Systems
If you find this repository useful or insightful, please consider:
Your support helps drive continued innovation and open-source contributions.
— Syed Shaheer Hussain