https://github.com/harmotus/secure-login-two
A secure login where the user's private key is never hosted on servers or the user's online devices ( this project can also be used as a form of two-factor authentication ( 2FA ) where the user's private key is never hosted on servers )
- Host: GitHub
- URL: https://github.com/harmotus/secure-login-two
- Owner: harmotus
- License: mit
- Created: 2025-02-04T04:11:32.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2025-02-05T20:10:31.000Z (over 1 year ago)
- Last Synced: 2025-10-30T09:34:35.288Z (7 months ago)
- Topics: 2fa, authentication, html5, javascript, login, mysql, mysql-database, password-protection, php, php-authentication, php-login, php-mysqli, php-pdo, qr-code, responsive-web-design, rsa, rsa-encryption, rsa-key-pair, security, two-factor-authentication
- Language: PHP
- Homepage:
- Size: 80.1 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Secure Login Two
A secure login where the user's private key is never hosted on servers or the user's online devices ( this project can also be used as a form of two-factor authentication ( 2FA ) where the user's private key is never hosted on servers )
## Requirements

## Description
**1 )** Using an online device ( D1 ) the user goes to the server's login page ( S1 )

**2 )** The user simply enters his username in the form, and this data is submitted to the server ( login.php )

**3 )** If the user's username exists in the server's database ( code.php ) then the server creates a random code ( 108 alphanumeric characters that are case sensitive ) and a QR code containing the random code is sent to the user ( code.php )

**4 )** Using an offline device ( D2 ) the user scans the QR code, encrypts the QR code data with the user's private key and creates a new QR code. Subsequently, using the online device ( D1 ) the user scans the new QR code created on the offline device ( D2 ) and the encrypted data contained in this new QR code is submitted to the server ( code.php )

**5 )** The server decrypts the encrypted data submitted by the user with the user's public key ( test.php ). If the decrypted data matches the random code created by the server, then the user will be able to access the user's home page ( home.php )

**6 )** And the user will also be able to access the user's profile page ( profile.php )
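
The challenge-response flow of steps 3 to 5, as an added PHP example that is not the project's own code. The function names, the in-memory `$pending` store, the 2048-bit key and the 120-second lifetime are assumptions; the private-key step uses `openssl_private_encrypt`, which acts as a raw RSA signature over the code, and the server deletes the challenge on the first attempt so a captured response cannot be replayed.

```php
<?php
// Added example, not the project's code: all names, the key size and the lifetime are assumptions.
const ALPHABET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';

// Server (step 3): 108 case-sensitive alphanumeric characters drawn from a CSPRNG.
function make_challenge(int $length = 108): string {
    $code = '';
    for ($i = 0; $i < $length; $i++) {
        $code .= ALPHABET[random_int(0, strlen(ALPHABET) - 1)];
    }
    return $code;
}

// Offline device D2 (step 4): private-key operation over the scanned code.
function respond(string $challenge, string $privatePem): string {
    if (!openssl_private_encrypt($challenge, $out, $privatePem, OPENSSL_PKCS1_PADDING)) {
        throw new RuntimeException('private-key operation failed');
    }
    return base64_encode($out); // text-safe payload for the second QR code
}

// Server (step 5): recover the code with the public key, compare, and burn the challenge.
function verify(array &$pending, string $user, string $response, string $publicPem): bool {
    $entry = $pending[$user] ?? null;
    unset($pending[$user]); // single use, whether the attempt passes or fails
    if ($entry === null || time() > $entry['expires']) {
        return false;
    }
    $raw = base64_decode($response, true);
    if ($raw === false || !openssl_public_decrypt($raw, $plain, $publicPem, OPENSSL_PKCS1_PADDING)) {
        return false;
    }
    return hash_equals($entry['code'], $plain); // constant-time comparison
}

// Constructed demo: the key pair is generated inline only so the script runs offline.
$key = openssl_pkey_new(['private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_bits' => 2048]);
openssl_pkey_export($key, $privatePem);
$publicPem = openssl_pkey_get_details($key)['key'];

// Hypothetical user 'alice'; the 120-second lifetime is an assumption.
$pending = ['alice' => ['code' => make_challenge(), 'expires' => time() + 120]];
$answer  = respond($pending['alice']['code'], $privatePem);
var_dump(verify($pending, 'alice', $answer, $publicPem)); // first use of the response
var_dump(verify($pending, 'alice', $answer, $publicPem)); // replay of the same response
```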

## Types of Philosophy
**»** Philosophy : **Never-Never**
* Private Keys : ( **Never** on servers ) and ( **Never** on online devices )
* Therefore, public keys only on ( online or offline ) servers and private keys only on offline devices.
* This philosophy only applies when using asymmetric encryption algorithms ( RSA, ECDSA, EdDSA, etc. )

**»** Philosophy : **Only-Only**
* Private Keys : ( **Only** on offline servers ) and ( **Only** on offline devices )
* Therefore, private keys : never on online servers and never on online devices.
* This philosophy only applies when using symmetric encryption algorithms ( AES, 3DES, etc. )
## License
[MIT](https://opensource.org/license/mit)