Three Level Authentication

1
Three Level Image Based Password Authentication System

A project report submitted in partial fulfillment of the
requirements for the Award of the Degree of
BACHELOR OF COMPUTER APPLICATIONS

By
Jaya Sravani Sunkara (190047400042)
Devi Sri Satya Tadikonda (190047400043)
Lekhana Lakshmi Naga
Ambica (190047400044)
Sai Bindu madhav Tsalla (190047400045)
Dileep Kumar Ullamparthi (190047400046)
Under the Esteemed Guidance of

Sri. D.Lakshmi Prasanna M.Tech (Ph.D)
Lecturer
Department of Computers.
DEPARTMENT OF COMPUTERS
ADITYA DEGREE COLLEGE
(Affiliated to AKNU)
Amalapuram,Konaseema, A.P, Pin-533201.
2019-2022
2
CERTIFICATE
DEPARTMENT OF COMPUTERS
ADITYA DEGREE COLLEGE
(Affiliated to AKNU)
Amalapuram, Konaseema, A.P, Pin-533201.
This is to certify that the thesis entitled “Three Level Image Password Authentication
System” that is being submitted by us in Partial Fulfillment of the requirements for the award of the
Degree of Bachelor of Computer Applications in the academic year 2019-22 to the Adikavi
Nannaya University,Rajamahendravaram is a record of bonafide work carried out by him/her
under my guidance and supervision.
The results embodied in this thesis have not been submitted to any other University or
Institute for the award of any degree or diploma.
Project Supervisor Head of the Dept
Principal External
3
DECLARATION
This is to declare that the project work entitled “Three level Image Password Authentication
System”, is a bonafide work done by us, under the esteemed guidance of “D.LAKSHMI
PRASANNA” professor,department of computers, Aditya Degree College. This project report
is being submitted in the partial fulfillment of the requirements for the award of the degree of
Bachelor of Computer Application during the academic year 2019-2022. This project possesses
originality as it is not extracted from any source and it has not been submitted to any other
institution or university.

Ambica (190047400044)
AMALAPURAM
Date:
4
ACKNOWLEDGEMENTS
I would like to take the privilege of the opportunity to express my gratitude in the Project
work of “Three Level Image Password Authentication System” enabled us to express our special
thanks to our honorable Chairman of the institution Sri N.Sesha Reddy.
I am thankful to Secretary Smt N.Suguna Reddy, and principal Dr. Ch.Subba Reddy who
has shown keen interest in us and encouraged us by providing all the facilities to complete my
project successfully.
I am extremely thankful to our Project Review Committee & Departmental Committee who
have been a source of inspiration for us throughout my project and for their valuable advice in
making my project a success.
I express my sincere thanks to my beloved supervisor and Head of the Department of CSE
“Smt G. N .V. Usha Sri” , who has been a source of inspiration for us throughout my project and for
his valuable advice in making my project a success.
I wish to express my sincere thanks to all teaching and non teaching staff of Computers. I
wish to express my special thanks to all the Faculty members of our College for their concern in
subjects and their help throughout my course.
I am very thankful to all my friends who had given me good cooperation and suggestions
throughout this project and helped me in successful completion.

Ambica (190047400044)
5
ABSTRACT
Inspite of many efforts taken nowadays still security threats can be seen everywhere. And from the
starting we are using just single level password authentication factors, which is not sufficient to give
more security. In order to be more secure we can think of Three Level Password Authentication
System.So this is an idea to implement three levels password authentication for true users. In short
we can say, this is to implement three level of security. The First level password constitutes of
simple text based password and this effort is taken to resist shoulder surfing attack through the
text password. The Color Combination password there is basically three colors red green blue (RGB)
where user can set different combination of colors according to there choice just by clicking on
those colors forms the second level of authentication.Third level uses a Picture Password there at
first user have to select an image in jpg format to use as an password and then user can set the
password by clicking on the image in different places. These three levels of password in securing
the resources from unauthorized use.
6
Contents
S.No Chapter Page Number
1. CHAPTER-I
1.1 INTRODUCTION 8
1.1.1 ABOUT PROJECT
1.1.2 PURPOSE OF THE
PROJECT
1.1.3 PROJECT OBJECTIVE
1.1.4 PROJECT SCOPE
1.1.5 PROJECT OVERVIEW
2. CHAPTER-II
2.1 LITERATURE SURVEY 8
3. CHAPTER-III
3.1 SYSTEM ANALYSIS 9
3.1.1 EXISTING SYSTEM
3.1.2 PROPOSED SYSTEM
3.1.3 FEASIBILITY STUDY
4. CHAPTER-IV
4.1 REQUIREMENT ANALYSIS 10
4.1 SOFTWARE
REQUIREMENTS
4.2 HARDWARE
REQUIREMENTS
5 CHAPTER-V
5.1 SYSTEM DESIGN 11
5.1.1 UML DIAGRAMS
6. CHAPTER-VI
6.1 IMPLEMENTATION 14
7 CHAPTER-VII
7.1 TESTING 28
8 CHAPTER-VIII
7
8.1 RESULT OR OUTPUT 29
9 CHAPTER-IX
9.1 CONCLUSION 31
10 CHAPTER-X
10.1 FUTURE SCOPE OF WORK 31
8
INTRODUCTION
1.1.1 ABOUT THE PROJECT:

This project gives more security to the user and validates user for accessing the system only when
they have input correct password. The project involves three levels of user authentication. There
are varieties of password authentication systems available now a days but many of which have
failed due to bot attacks while few have sustained it but to a certain limit. In short, almost all the
passwords authentication system available today can be broken down easily. Hence this project is
aimed to achieve the highest security in authenticating or validating correct users. This project
contains three logins which include three different kinds of password system. The password
difficulty increases as the authentication level increases. Users have to enter Or input correct
password in order to successful login. Users will be given privilege Or have rights to set passwords
according to their wish. This project comprises of text password i.e. passphrase, color combination
and graphical password for the three levels respectively. Along these lines there would be
immaterial odds of bot or anybody to split passwords regardless of whether they have broken the
principal level or second level, it is difficult to break the third one. Consequently while making the
innovation the accentuation was put on the utilization of inventive and untraditional techniques.
Numerous clients locate the most broad text‐based secret key frameworks hostile, so on account of
three level secret key we had a go at making a straightforward UI and giving clients the best
possible comfort in solving password.
1.1.2 PURPOSE OF THE PROJECT:
It is found that a three-level authentication system helps to provide more security
compared to one-level and two-level authentication systems. Three levels are more
important because the user needs to enter critical details and log in with three different
levels of authentication.
1.1.3 PROJECT OBJECTIVE:
These authentication schemes are classified as knowledge based authentication. The main
objective of the three level security system is to provide advanced security to the web
applications, to prevent unauthorized access and to make the applications more user
friendly
1.1.4 PROJECT SCOPE:
The system's scope is using three existing schemes which are text based
password, graphical/pattern lock password and one time password. The users need to
input correct password in the previous level before continuing with the next level. So, this
will help to improve the security level in authentication.
1.1.5 PROJECT OVERVIEW:
It contains three logins having three different kinds of password system. The
password difficulty increases with each level. Users have to input correct password for
successful login. Users would be given privilege to set passwords according to their wish.
2.1 LITERATURE SURVEY

The main objective of this project is to design a three level authentication password scheme based
on text-based password, pattern-based / graphical password and one time password for improving
the security protection. This chapter will discuss about the basic concept of authentication using
these three level authentication password to authenticate user and compare which approaches is
the best. Besides, there will be some of related or existing approaches will be discussed as well.
9
3.1 SYSTEM ANALYSIS
3.1.1 EXISTING SYSTEM
A security breach can be a threat to national confidential data or the private data of an
organization or a person. The most popular kind of password used for security purposes is
text-based. However, these passwords can be easily breached and one may lose his/her
private data to the wrong hands. With the rise in cyber-crime, security threats related to
logins & accesses have become a major concern. Also, the use of single security
authentication is not sufficient enough to keep you protected from cyber threats.
3.1.2 PROPOSED SYSTEM
To increase the security level we have developed a Three-Level Password Authentication

system that will make sure that only the authorized person will have access to the system or
data. This system contains three-level logins having three different kinds of password
systems. The project comprises a passphrase, image-based segmentation password, and
graphical password. The password difficulty increases with each level making the access
more secured. In this way, this PHP-based Three Level Authentication System will help the
users to keep their data safe from any hackers & cyber threats.
ADVANTAGES OF PROPOSED SYSTEM:
1) The system is user-friendly and has simple interface.

2)Provides strong security against bot attacks or hackers.
3)Users can set or upload their own images.
OVERVIEW OF THE PROPOSED SYSTEM
First Level: The first level is a conventional password system i.e. text based password or a
passphrase. Users would have to set a text password initially based on some specifications.
Second Level: The second level is an image based password where users can upload their desired
image into the system and then create password by segmenting it and assigning them serial
numbers. During login process the system will automatically disperse the image segmentations and
users have to arrange it as set by them initially.
Third Level: The third level is a graphical password method where users have to set password based
on some color combinations through RGB button combinations
10
3.1.3 FEASIBILITY STUDY:
Once the problem is clearly understood, the next step is to conduct a feasibility
study, which is a high-level capsule version of the entered systems and design process. The
objective is to determine whether or not the proposed system is feasible. The three tests of
feasibility have been carried out.
● Technical Feasibility
● Economical Feasibility
● Operational Feasibility
TECHNICAL FEASIBILITY:
In Technical Feasibility study, one has to test whether the proposed system can be developed using
existing technology or not. It is planned to implement the proposed system using java technology. It
is evident that the necessary hardware and software are available for development and
implementation of the proposed system. Hence, the solution is technically feasible.
ECONOMICAL FEASIBILITY:
As part of this, the costs and benefits associated with the proposed system are compared and the
project is economically feasible only if tangible or intangible benefits outweigh costs. The system
development costs will be significant. So the proposed system is economically feasible.
OPERATIONAL FEASIBILITY:
It is a standard that ensures interoperability without stifling competition and innovation among users,
to the benefit of the public both in terms of cost and service quality. The proposed system is
acceptable to users. So the proposed system is operationally feasibility.
4.1 REQUIREMENT ANALYSIS

4.1 SOFTWARE REQUIREMENTS:
● Windows Xp, Windows 7(ultimate, enterprise)

● Sql 2008
● Visual studio 2010
4.2 HARDWARE REQUIREMENTS:
· Processor – i3
· Hard Disk – 5 GB
· Memory – 1GB RAM
11
5.1 SYSTEM DESIGN
5.1.1 UML DIAGRAMS:

UML is the international standard notation for object-oriented analysis and design. The
Object Management Group defines it. The heart of object-oriented problem solving is the
construction of a model. The model abstracts the essential details of the underlying problem from its
usually complicated real world. Several modeling tools are wrapped under the heading of the
UML™, which stands for Unified Modeling Language™.
CLASS DIAGRAM:
A class is a description of a set of objects that share the same attributes, operations,
relationships, and semantics. A class implements one or more interfaces. Graphically a class is
rendered as a rectangle, usually including its name, attributes and operations, as shown below.
12
USE CASE DIAGRAM:
Use case is a description of a set of sequence of actions that a system performs that yields an
observable result of value to a particular thing in a model. Graphically, Use Case is rendered as an
ellipse with dashed lines, usually including only its name as shown below.
13
ACTIVITY DIAGRAM:
An Activity Diagram is essentially a flow chart showing flow of control from activity to
activity. They are used to model the dynamic aspects of a system. They can also be used to model the
flow of an object as it moves from state to state at different points in the flow of control.
An activity is an ongoing non-atomic execution within a state machine.

14
6.1 IMPLEMENTATION
package ysnyldrm.com.mysa;
import android.content.DialogInterface;
import android.content.Intent;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Bundle;
import android.support.v7.app.AlertDialog;
import android.support.v7.app.AppCompatActivity;
import android.view.View;
import android.widget.Button;
import android.widget.TextView;
import android.widget.Toast;
import android.widget.ViewSwitcher;
import com.multidots.fingerprintauth.AuthErrorCodes;
import com.multidots.fingerprintauth.FingerPrintAuthCallback;
import com.multidots.fingerprintauth.FingerPrintAuthHelper;
import com.multidots.fingerprintauth.FingerPrintUtils;
public class FingerprintActivity extends AppCompatActivity implements FingerPrintAuthCallback {
private TextView mAuthMsgTv;

private ViewSwitcher mSwitcher;
private Button mGoToSettingsBtn;
private Button mGoToPasswordBtn;
private FingerPrintAuthHelper mFingerPrintAuthHelper;
SqliteHelper2 sqliteHelper2;
SqliteHelper sqliteHelper;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_fingerprint);
sqliteHelper2 = new SqliteHelper2(this);
/* if(sqliteHelper2.getGuid() == null){
Toast toast = Toast.makeText(FingerprintActivity.this,"Your OTG device is not registered
please restart the application ! ", Toast.LENGTH_LONG);
toast.setGravity(Gravity.CENTER, 0, 0);
toast.show();
// sqliteHelper.dropTable2();
sqliteHelper.dropTable();
} */
mGoToSettingsBtn = (Button) findViewById(R.id.go_to_settings_btn);

mGoToPasswordBtn = (Button) findViewById(R.id.go_to_use_password);
15
mGoToPasswordBtn.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
startActivity(new Intent(getApplicationContext(), PasswordActivity.class));
}
});
mGoToSettingsBtn.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
FingerPrintUtils.openSecuritySettings(getApplicationContext());
}
});
mSwitcher = (ViewSwitcher) findViewById(R.id.main_switcher);

mAuthMsgTv = (TextView) findViewById(R.id.auth_message_tv);
mFingerPrintAuthHelper = FingerPrintAuthHelper.getHelper(this, this);

}
@Override
protected void onResume() {
super.onResume();
mGoToSettingsBtn.setVisibility(View.GONE);
mAuthMsgTv.setText("Scan your finger");
//start finger print authentication

mFingerPrintAuthHelper.startAuth();
}
@Override
protected void onPause() {
super.onPause();
mFingerPrintAuthHelper.stopAuth();
}
@Override
public void onNoFingerPrintHardwareFound() {
//mAuthMsgTv.setText("Your device does not have finger print scanner. Please type 1234 to
authenticate.");
//mSwitcher.showNext();
//Password activity ye geçiş
}
@Override
public void onNoFingerPrintRegistered() {
mAuthMsgTv.setText("There are no finger prints registered on this device. Please register your
finger from settings.");
mGoToSettingsBtn.setVisibility(View.VISIBLE);
//butonu düzenle
}
16
@Override
public void onBelowMarshmallow() {
//mAuthMsgTv.setText("You are running older version of android that does not support finger
print authentication. Please type 1234 to authenticate.");
//Password activity ye geçiş
}
@Override
public void onAuthSuccess(FingerprintManager.CryptoObject cryptoObject) {
Toast.makeText(FingerprintActivity.this, "Authentication succeeded.",
Toast.LENGTH_SHORT).show();
//OTP aşamasına geçiş
startActivity(new Intent(getApplicationContext(), OtpActivity.class));
}
@Override
public void onAuthFailed(int errorCode, String errorMessage) {
switch (errorCode) {
case AuthErrorCodes.CANNOT_RECOGNIZE_ERROR:
mAuthMsgTv.setText("Cannot recognize your finger print. Please try again.");
break;
case AuthErrorCodes.NON_RECOVERABLE_ERROR:
//mAuthMsgTv.setText("Cannot initialize finger print authentication. Please type 1234 to
authenticate.");
//passworda gidecek
break;
case AuthErrorCodes.RECOVERABLE_ERROR:
mAuthMsgTv.setText(errorMessage);
break;
}
}
@Override
public void onBackPressed() {
new AlertDialog.Builder(this).setIcon(android.R.drawable.ic_dialog_alert).setTitle("Exit")
.setMessage("Are you sure for exit the application?")
.setPositiveButton("Yes", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
Intent intent = new Intent(Intent.ACTION_MAIN);

intent.addCategory(Intent.CATEGORY_HOME);
intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
startActivity(intent);
}
}).setNegativeButton("No", null).show();
}
17
import android.Manifest;
import android.annotation.SuppressLint;
import android.app.ProgressDialog;
import android.content.Context;
import android.content.pm.PackageManager;
import android.os.Build;
import android.os.Handler;
import android.support.annotation.RequiresApi;
import android.support.design.widget.Snackbar;
import android.support.design.widget.TextInputLayout;
import android.support.v4.app.ActivityCompat;
import android.support.v4.content.ContextCompat;
import android.telephony.TelephonyManager;
import android.util.Log;
import android.widget.EditText;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
18
public class MainActivity extends AppCompatActivity {
private EditText editTextUserName;

private EditText editTextEmail;
private EditText editTextPassword;
private EditText editTextPhoneNumber;
TextInputLayout textInputLayoutUserName;
TextInputLayout textInputLayoutEmail;
TextInputLayout textInputLayoutPassword;
TextInputLayout textInputLayoutPhoneNumber;
//Declaration Button
Button buttonRegister;
//Declaration SqliteHelper
final private String TAG = "Main Activity";
List<String> permissions = new ArrayList<String>(); // Alınmamış izinleri listeye

ekleyeceğiz.
public static String IMEI;

import android.os.CountDownTimer;
import android.telephony.SmsManager;
import android.widget.TextView;
import android.widget.Toast;
import com.stfalcon.smsverifycatcher.OnSmsCatchListener;
import com.stfalcon.smsverifycatcher.SmsVerifyCatcher;
import java.util.Random;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import io.github.krtkush.lineartimer.LinearTimer;
import io.github.krtkush.lineartimer.LinearTimerView;
public class OtpActivity extends AppCompatActivity {
19
String Phone;
String randomNumber;
private TextView time;
Button send;
EditText edt;
String usersCode;
String validationNumber;
int counter = 5;
private SmsVerifyCatcher smsVerifyCatcher;
@Override
setContentView(R.layout.activity_otp);
send = (Button) findViewById(R.id.reSend);
edt = (EditText) findViewById(R.id.editTextNum);
LinearTimerView linearTimerView = (LinearTimerView)
findViewById(R.id.linearTimer);
sqliteHelper = new SqliteHelper(this);
Phone = "0" + sqliteHelper.getPhoneNumber();
randomNumberGenerator();
refreshTimer();
sendOTP();
final EditText etCode = (EditText) findViewById(R.id.editTextNum);
smsVerifyCatcher = new SmsVerifyCatcher(this, new OnSmsCatchListener<String>() {
@Override
public void onSmsCatch(String message) {
String code = parseCode(message);//Parse verification code
etCode.setText(code);//set code in edit text
//then you can send verification code to server
otoValidateNextOTG();
}
});
}
public void sendOTP(){
try {
send.setVisibility(View.GONE);
SmsManager smsManager = SmsManager.getDefault();
smsManager.sendTextMessage(Phone, null, randomNumber, null, null);
Toast.makeText(OtpActivity.this, "One-Time Password is sended ",

}catch (Exception e){
Toast.makeText(OtpActivity.this, "One-Time Password cannot sended ! ",
}
}
public void sendOTPButton(View view){
try {
refreshTimer();
randomNumberGenerator();
send.setVisibility(View.INVISIBLE);
// randomNumber
SmsManager smsManager = SmsManager.getDefault();
smsManager.sendTextMessage(Phone, null, randomNumber, null, null);
Toast.makeText(OtpActivity.this, "One-Time Password is succesfully sended ! ",

20
}catch (Exception e){

Toast.makeText(OtpActivity.this, "One-Time Password cannot sended ! ",
}
}
public void refreshTimer(){
LinearTimerView linearTimerView = (LinearTimerView)
findViewById(R.id.linearTimer);
final LinearTimer linearTimer = new LinearTimer.Builder()
.linearTimerView(linearTimerView)
.duration(120*1000)
.build();
linearTimer.startTimer();
time = (TextView) findViewById(R.id.counttimer);
new CountDownTimer(120000, 1000) {

public void onTick(long millisUntilFinished) {
time.setText("" + millisUntilFinished / 1000);
}
public void onFinish() {
send.setVisibility(View.VISIBLE);
}
}.start();
}
public void randomNumberGenerator(){
Random rnd = new Random();
int n = 100000 + rnd.nextInt(900000);
randomNumber = Integer.toString(n);
validationNumber = randomNumber;
randomNumber = "Please don't share this password. Your verification code is: " +
randomNumber ;
}
public void otoValidateNextOTG(){
usersCode = edt.getText().toString();
if(validationNumber.matches(usersCode)){
Intent intent = new Intent(OtpActivity.this,OTGActivity.class);
}
else{
Toast.makeText(OtpActivity.this, " Validation is unsuccesful , please wait the timer and re-
send OTP !", Toast.LENGTH_LONG).show();
counter--;
if(counter == 0){
Toast.makeText(OtpActivity.this, " Login attemp is failed, you are redirecting to login
page !", Toast.LENGTH_LONG).show();
Intent intent = new Intent(this,FingerprintActivity.class);
}
}
}
public void validate(View view){
usersCode = edt.getText().toString();
if(validationNumber.matches(usersCode)){
21
/* final ProgressDialog progressDialog = new ProgressDialog(this,

R.style.Theme_AppCompat_DayNight_Dialog);
progressDialog.setIndeterminate(true);
progressDialog.setMessage("Validation is succesful , you are redirecting to next step, please
plug-in your OTG device...");
progressDialog.show();
new Handler().postDelayed(new Runnable() {
@Override
public void run() {
}
}, 4000); */
import android.support.design.widget.Snackbar;
import android.support.design.widget.TextInputLayout;
import android.text.Html;
import android.text.Spanned;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
public class PasswordActivity extends AppCompatActivity {
//Declaration EditTexts
EditText editTextEmail;
EditText editTextPassword;
//Declaration TextInputLayout
TextInputLayout textInputLayoutEmail;
TextInputLayout textInputLayoutPassword;
//Declaration Button
Button buttonLogin;
//Declaration SqliteHelper
@Override
setContentView(R.layout.activity_password);
sqliteHelper = new SqliteHelper(this);
initViews();
//set click event of login button

buttonLogin.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View view) {
//Check user input is correct or not
22
if (validate()) {
//Get values from EditText fields
String Email = editTextEmail.getText().toString();
String Password = editTextPassword.getText().toString();
char[] Pw = Password.toCharArray();
byte[] bytePw = hash(Pw);
String hashedPassword = new String(bytePw);
Password = hashedPassword;
//Authenticate user
User currentUser = sqliteHelper.Authenticate(new User(null, null, Email, Password,
null, null));
//Check Authentication is successful or not
if (currentUser != null) {
Snackbar.make(buttonLogin, "Successfully Logged in!",

Snackbar.LENGTH_LONG).show();
Intent intent = new Intent(PasswordActivity.this, OtpActivity.class);
} else {
//User Logged in Failed
Snackbar.make(buttonLogin, "Failed to log in , please try again",
Snackbar.LENGTH_LONG).show();
}
}
}
});
//this method is used to connect XML views to its Objects

private void initViews() {
editTextEmail = (EditText) findViewById(R.id.editTextEmail);
editTextPassword = (EditText) findViewById(R.id.editTextPassword);
textInputLayoutEmail = (TextInputLayout) findViewById(R.id.textInputLayoutEmail);
textInputLayoutPassword = (TextInputLayout) findViewById(R.id.textInputLayoutPassword);
buttonLogin = (Button) findViewById(R.id.buttonLogin);
}
//This method is for handling fromHtml method deprecation
@SuppressWarnings("deprecation")
public static Spanned fromHtml(String html) {
Spanned result;
if (android.os.Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.N) {
result = Html.fromHtml(html, Html.FROM_HTML_MODE_LEGACY);
} else {
result = Html.fromHtml(html);
}
return result;
}
//This method is used to validate input given by user
public boolean validate() {
boolean valid = false;
//Get values from EditText fields
String Email = editTextEmail.getText().toString();
String Password = editTextPassword.getText().toString();
23
//Handling validation for Email field

if (!android.util.Patterns.EMAIL_ADDRESS.matcher(Email).matches()) {
valid = false;
textInputLayoutEmail.setError("Please enter valid email!");
} else {
valid = true;
textInputLayoutEmail.setError(null);
}
//Handling validation for Password field
if (Password.isEmpty()) {
valid = false;
textInputLayoutPassword.setError("Please enter valid password!");
} else {
if (Password.length() > 5) {
valid = true;
textInputLayoutPassword.setError(null);
} else {
valid = false;
textInputLayoutPassword.setError("Password is to short!");
}
}
return valid;
}
public byte[] hash(char[] password) {

int ITERATIONS = 10000;
int KEY_LENGTH = 256;
byte[] salt = "E1F53135E559C253".getBytes();
PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, KEY_LENGTH);
Arrays.fill(password, Character.MIN_VALUE);
try {
SecretKeyFactory skf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
return skf.generateSecret(spec).getEncoded();
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
throw new AssertionError("Error while hashing a password: " + e.getMessage(), e);
} finally {
spec.clearPassword();
}
}
@Override
public void onBackPressed() {
new AlertDialog.Builder(this).setIcon(android.R.drawable.ic_dialog_alert).setTitle("Exit")
.setMessage("Are you sure for exit the application?")
.setPositiveButton("Yes", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
Intent intent = new Intent(Intent.ACTION_MAIN);
intent.addCategory(Intent.CATEGORY_HOME);
intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
}
}).setNegativeButton("No", null).show();
}
}
import android.content.ContentValues;
import android.content.Context;
import android.database.Cursor;
import android.database.sqlite.SQLiteDatabase;
import android.database.sqlite.SQLiteOpenHelper;
public class SqliteHelper extends SQLiteOpenHelper {
//DATABASE NAME
public static final String DATABASE_NAME = "mysadatabase";
24
//DATABASE VERSION
public static final int DATABASE_VERSION = 1;
//TABLE NAME
public static final String TABLE_USERS = "users";
//USER MAIL
public static String loggedUserMail = "";
//TABLE USERS COLUMNS
public static final String KEY_ID = "id";
public static final String KEY_USER_NAME = "username";
public static final String KEY_EMAIL = "email";
public static final String KEY_PASSWORD = "password";
public static final String KEY_PHONENUMBER = "phonenumber";
public static final String KEY_IMEI = "imei";
public static final String SQL_TABLE_USERS = " CREATE TABLE " + TABLE_USERS
+"("
+ KEY_ID + " INTEGER PRIMARY KEY, "
+ KEY_USER_NAME + " TEXT, "
+ KEY_EMAIL + " TEXT, "
+ KEY_PASSWORD + " TEXT, "
+ KEY_PHONENUMBER + " TEXT, "
+ KEY_IMEI + " TEXT"
+ " ) ";
public static String number = "";
SQLiteDatabase sqLiteDatabase;
public SqliteHelper(Context context) {
super(context, DATABASE_NAME, null, DATABASE_VERSION);
}
@Override
public void onCreate(SQLiteDatabase sqLiteDatabase) {
//Create Table when oncreate gets called
sqLiteDatabase.execSQL(SQL_TABLE_USERS);
}
@Override
public void onUpgrade(SQLiteDatabase sqLiteDatabase, int i, int i1) {
//drop table to create new one if database version updated
sqLiteDatabase.execSQL(" DROP TABLE IF EXISTS " + TABLE_USERS);
}
/* public void dropTable2() {
sqLiteDatabase.execSQL("DELETE FROM users");
}
public void dropTable(){

sqLiteDatabase.execSQL(" DROP TABLE IF EXISTS " + TABLE_USERS);
} */
//using this method we can add users to user table

public void addUser(User user) {
//get writable database

SQLiteDatabase db = this.getWritableDatabase();
//create content values to insert
ContentValues values = new ContentValues();
values.put(KEY_USER_NAME, user.username);
values.put(KEY_EMAIL, user.email);
values.put(KEY_PASSWORD, user.password);
values.put(KEY_PHONENUMBER, user.phonenumber);
values.put(KEY_IMEI, user.imei);
25
// insert row
long todo_id = db.insert(TABLE_USERS, null, values);
}
public User Authenticate(User user) {
SQLiteDatabase db = this.getReadableDatabase();
Cursor cursor = db.query(TABLE_USERS,// Selecting Table
new String[]{KEY_ID, KEY_USER_NAME, KEY_EMAIL, KEY_PASSWORD,
KEY_PHONENUMBER, KEY_IMEI},//Selecting columns want to query
KEY_EMAIL + "=?",
new String[]{user.email},//Where clause
null, null, null);
if (cursor != null && cursor.moveToFirst() && cursor.getCount() > 0) {
//if cursor has value then in user database there is user associated with this given email
User user1 = new User(cursor.getString(0), cursor.getString(1), cursor.getString(2),
cursor.getString(3), cursor.getString(4), cursor.getString(5));
//Match both passwords check they are same or not
if (user.password.equalsIgnoreCase(user1.password)) {
loggedUserMail = user.email;
return user1;
}
}
return null;
}
public boolean isEmailExists(String email) {
KEY_EMAIL + "=?",
new String[]{email},//Where clause
null, null, null);

//if cursor has value then in user database there is user associated with this given email so
return true
return true;
}
//if email does not exist return false
return false;
}
public boolean isOTGExists(String keyid) {
KEY_EMAIL + "=?",
new String[]{keyid},//Where clause
null, null, null);

//if cursor has value then in user database there is user associated with this given email so
return true
return true;
}
//if email does not exist return false
return false;
}
public String getPhoneNumber() {

26

KEY_ID + "=?",
new String[]{"1"},//Where clause
null, null, null);

return user1.phonenumber;
}
else
return null;
}
public String getImeiNumber() {
KEY_ID + "=?",
null, null, null);

return user1.imei;
}
else
return null;
}
public String getPassword() {
KEY_ID + "=?",
null, null, null);

return user1.password;
}
else
return null;
}
27
public class User {
public String id;

public String username;
public String email;
public String password;
public String phonenumber;
public String imei;
public User(String id, String username, String email, String password, String phonenumber, String
imei) {
this.id = id;
this.username = username;
this.email = email;
this.password = password;
this.phonenumber = phonenumber;
this.imei = imei;
}
}
28
7.1 TESTING
The completion of a system is achieved only after it has been thoroughly tested. Though this
gives a feel the project is completed, there cannot be any project without going though this stage.
Though the programmer may have taken many precautions not to commit any mistakes that crop up
during the execution stage. Hence in this stage it is decided whether the project can under go the real
time environment execution without any break downs, therefore a package can be rejected even at
this stage.
The testing phase involves the testing of the developed system using various kinds of
data. An elaborated testing of data is prepared and a system is tested using the test data. While
testing, errors are noted and corrections remade, the corrections are also noted for future use.
29
8.1 OUTPUT
Screens:
30
31
9.1 CONCLUSION
In the current state there are many authentication schemes. Some of the schemes are based on
the physical and behavioral properties of the user, and some other authentication schemes are
based on the knowledge of the user such as textual and graphical passwords. Also, there are
other authentication schemes that are based on tokens such as smart cards i.e., based on what
you have [1]. Among the various authentication schemes, the most commonly used schemes
are textual password and tokenbased schemes, or the combination of both. The 3-level
password is a multifactor authentication scheme that combines the features of various
authentication schemes. The first level is the image ordering, where the user selects the same
images in the same order as selected in the registration phase. The second level is the colour
pixel selection, where the user selects a single colour pixel.
10.1 FUTURE SCOPE OF WORK
This project with three level passwords has been developed in such a manner, that the future
requirements of the user are met. The project is flexible to adapt the changes efficiently without
affecting the present system. In future, there can be a provision to update attendance, results,
and notifications through the web application. We are also planning to implement the web
application on various other platforms like Windows and ios. This is the future scope of our
project.
32
References:
WEBSITES REFERRED:
+ http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnu
mber=6076505&queryText%3DMulti+Level+Password
+ http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnu
mber=5542954&queryText%3DMulti+Level+Password

Three Level Authentication

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Three Level Authentication

Uploaded by

Copyright:

Available Formats

1

Three Level Image Based Password Authentication System

BACHELOR OF COMPUTER APPLICATIONS

Under the Esteemed Guidance of

ADITYA DEGREE COLLEGE

Project Supervisor Head of the Dept

Jaya Sravani Sunkara (190047400042)

Jaya Sravani Sunkara (190047400042)

S.No Chapter Page Number

1.1.1 ABOUT THE PROJECT:

2.1 LITERATURE SURVEY

3.1 SYSTEM ANALYSIS

3.1.1 EXISTING SYSTEM

To increase the security level we have developed a Three-Level Password Authentication

1) The system is user-friendly and has simple interface.

3.1.3 FEASIBILITY STUDY:

4.1 REQUIREMENT ANALYSIS

● Windows Xp, Windows 7(ultimate, enterprise)

4.2 HARDWARE REQUIREMENTS:

5.1.1 UML DIAGRAMS:

An activity is an ongoing non-atomic execution within a state machine.

public class FingerprintActivity extends AppCompatActivity implements FingerPrintAuthCallback {

private TextView mAuthMsgTv;

sqliteHelper2 = new SqliteHelper2(this);

mGoToSettingsBtn = (Button) findViewById(R.id.go_to_settings_btn);

mSwitcher = (ViewSwitcher) findViewById(R.id.main_switcher);

mFingerPrintAuthHelper = FingerPrintAuthHelper.getHelper(this, this);

mAuthMsgTv.setText("Scan your finger");

//start finger print authentication

Intent intent = new Intent(Intent.ACTION_MAIN);

public class MainActivity extends AppCompatActivity {

private EditText editTextUserName;

final private String TAG = "Main Activity";

List<String> permissions = new ArrayList<String>(); // Alınmamış izinleri listeye

public static String IMEI;

Toast.makeText(OtpActivity.this, "One-Time Password is sended ",

Toast.makeText(OtpActivity.this, "One-Time Password is succesfully sended ! ",

}catch (Exception e){

new CountDownTimer(120000, 1000) {

/* final ProgressDialog progressDialog = new ProgressDialog(this,

//set click event of login button

Snackbar.make(buttonLogin, "Successfully Logged in!",

//this method is used to connect XML views to its Objects

//Handling validation for Email field

public byte[] hash(char[] password) {

public void dropTable(){

//using this method we can add users to user table

//get writable database

if (cursor != null && cursor.moveToFirst() && cursor.getCount() > 0) {

if (cursor != null && cursor.moveToFirst() && cursor.getCount() > 0) {

public String getPhoneNumber() {

new String[]{KEY_ID, KEY_USER_NAME, KEY_EMAIL, KEY_PASSWORD,

if (cursor != null && cursor.moveToFirst() && cursor.getCount() > 0) {

if (cursor != null && cursor.moveToFirst() && cursor.getCount() > 0) {

if (cursor != null && cursor.moveToFirst() && cursor.getCount() > 0) {

public class User {

public String id;

10.1 FUTURE SCOPE OF WORK

You might also like