secure-login-two

# Secure Login Two

A secure login where the user's private key is never hosted on servers or on the user's online devices (this project can also be used as a form of two-factor authentication (2FA) where the user's private key is never hosted on servers).

## Requirements

![table](docs/table.png)

## Description

**1)** Using an online device (D1), the user goes to the server's login page (S1).

![login1](docs/login1.png)

**2)** The user simply enters their username in the form, and this data is submitted to the server (login.php).

![login2](docs/login2.png)

**3)** If the username exists in the server's database (code.php), the server creates a random code (108 case-sensitive alphanumeric characters) and sends it to the user as a QR code (code.php). The code must come from a cryptographically secure random source and must be accepted only once, for the session that requested it.

![code1](docs/code1.png)

**4)** Using an offline device (D2), the user scans the QR code, signs the QR code data with the user's private key (in RSA terms, "encrypts" it with the private key) and turns the result into a new QR code. Then, using the online device (D1), the user scans the new QR code created on the offline device (D2), and the signed data it contains is submitted to the server (code.php).

![code2](docs/code2.png)

**5)** The server verifies the submitted data with the user's public key (test.php); in RSA terms, it "decrypts" the data with the public key. If the recovered data matches the random code the server created, the user is granted access to the user's home page (home.php).

![home](docs/home.png)

**6)** The user will then also be able to access the user's profile page (profile.php).

![profile](docs/profile.png)

## Types of Philosophy

**»** Philosophy: **Never-Never**

* Private keys: (**Never** on servers) and (**Never** on online devices)
* Therefore, public keys only on (online or offline) servers, and private keys only on offline devices.
* This philosophy only applies when using asymmetric algorithms (RSA, ECDSA, EdDSA, etc.), because only then can the server verify a response while holding nothing but the public key.

**»** Philosophy: **Only-Only**

* Private keys (here, the shared symmetric keys): (**Only** on offline servers) and (**Only** on offline devices)
* Therefore, private keys: never on online servers and never on online devices.
* This philosophy only applies when using symmetric algorithms (AES, 3DES, etc.), because the verifying server must then hold the same key as the user, so that server has to be offline too.

## License

[MIT](https://opensource.org/license/mit)