Professional Documents
Culture Documents
DEPARTMENT OF COMPUTERS
(Affiliated to AKNU)
Amalapuram,Konaseema, A.P, Pin-533201.
2019-2022
2
CERTIFICATE
DEPARTMENT OF COMPUTERS
ADITYA DEGREE COLLEGE
(Affiliated to AKNU)
Amalapuram, Konaseema, A.P, Pin-533201.
This is to certify that the thesis entitled “Three Level Image Password Authentication
System” that is being submitted by us in Partial Fulfillment of the requirements for the award of the
Degree of Bachelor of Computer Applications in the academic year 2019-22 to the Adikavi
Nannaya University,Rajamahendravaram is a record of bonafide work carried out by him/her
under my guidance and supervision.
The results embodied in this thesis have not been submitted to any other University or
Institute for the award of any degree or diploma.
Principal External
3
DECLARATION
This is to declare that the project work entitled “Three level Image Password Authentication
System”, is a bonafide work done by us, under the esteemed guidance of “D.LAKSHMI
PRASANNA” professor,department of computers, Aditya Degree College. This project report
is being submitted in the partial fulfillment of the requirements for the award of the degree of
Bachelor of Computer Application during the academic year 2019-2022. This project possesses
originality as it is not extracted from any source and it has not been submitted to any other
institution or university.
AMALAPURAM
Date:
4
ACKNOWLEDGEMENTS
I would like to take the privilege of the opportunity to express my gratitude in the Project
work of “Three Level Image Password Authentication System” enabled us to express our special
thanks to our honorable Chairman of the institution Sri N.Sesha Reddy.
I am thankful to Secretary Smt N.Suguna Reddy, and principal Dr. Ch.Subba Reddy who
has shown keen interest in us and encouraged us by providing all the facilities to complete my
project successfully.
I am extremely thankful to our Project Review Committee & Departmental Committee who
have been a source of inspiration for us throughout my project and for their valuable advice in
making my project a success.
I express my sincere thanks to my beloved supervisor and Head of the Department of CSE
“Smt G. N .V. Usha Sri” , who has been a source of inspiration for us throughout my project and for
his valuable advice in making my project a success.
I wish to express my sincere thanks to all teaching and non teaching staff of Computers. I
wish to express my special thanks to all the Faculty members of our College for their concern in
subjects and their help throughout my course.
I am very thankful to all my friends who had given me good cooperation and suggestions
throughout this project and helped me in successful completion.
ABSTRACT
Inspite of many efforts taken nowadays still security threats can be seen everywhere. And from the
starting we are using just single level password authentication factors, which is not sufficient to give
more security. In order to be more secure we can think of Three Level Password Authentication
System.So this is an idea to implement three levels password authentication for true users. In short
we can say, this is to implement three level of security. The First level password constitutes of
simple text based password and this effort is taken to resist shoulder surfing attack through the
text password. The Color Combination password there is basically three colors red green blue (RGB)
where user can set different combination of colors according to there choice just by clicking on
those colors forms the second level of authentication.Third level uses a Picture Password there at
first user have to select an image in jpg format to use as an password and then user can set the
password by clicking on the image in different places. These three levels of password in securing
the resources from unauthorized use.
6
Contents
1. CHAPTER-I
1.1 INTRODUCTION 8
1.1.1 ABOUT PROJECT
1.1.2 PURPOSE OF THE
PROJECT
1.1.3 PROJECT OBJECTIVE
1.1.4 PROJECT SCOPE
1.1.5 PROJECT OVERVIEW
2. CHAPTER-II
2.1 LITERATURE SURVEY 8
3. CHAPTER-III
3.1 SYSTEM ANALYSIS 9
3.1.1 EXISTING SYSTEM
3.1.2 PROPOSED SYSTEM
3.1.3 FEASIBILITY STUDY
4. CHAPTER-IV
4.1 REQUIREMENT ANALYSIS 10
4.1 SOFTWARE
REQUIREMENTS
4.2 HARDWARE
REQUIREMENTS
5 CHAPTER-V
5.1 SYSTEM DESIGN 11
5.1.1 UML DIAGRAMS
6. CHAPTER-VI
6.1 IMPLEMENTATION 14
7 CHAPTER-VII
7.1 TESTING 28
8 CHAPTER-VIII
7
8.1 RESULT OR OUTPUT 29
9 CHAPTER-IX
9.1 CONCLUSION 31
10 CHAPTER-X
10.1 FUTURE SCOPE OF WORK 31
8
INTRODUCTION
A security breach can be a threat to national confidential data or the private data of an
organization or a person. The most popular kind of password used for security purposes is
text-based. However, these passwords can be easily breached and one may lose his/her
private data to the wrong hands. With the rise in cyber-crime, security threats related to
logins & accesses have become a major concern. Also, the use of single security
authentication is not sufficient enough to keep you protected from cyber threats.
3.1.2 PROPOSED SYSTEM
Once the problem is clearly understood, the next step is to conduct a feasibility
study, which is a high-level capsule version of the entered systems and design process. The
objective is to determine whether or not the proposed system is feasible. The three tests of
feasibility have been carried out.
● Technical Feasibility
● Economical Feasibility
● Operational Feasibility
TECHNICAL FEASIBILITY:
In Technical Feasibility study, one has to test whether the proposed system can be developed using
existing technology or not. It is planned to implement the proposed system using java technology. It
is evident that the necessary hardware and software are available for development and
implementation of the proposed system. Hence, the solution is technically feasible.
ECONOMICAL FEASIBILITY:
As part of this, the costs and benefits associated with the proposed system are compared and the
project is economically feasible only if tangible or intangible benefits outweigh costs. The system
development costs will be significant. So the proposed system is economically feasible.
OPERATIONAL FEASIBILITY:
It is a standard that ensures interoperability without stifling competition and innovation among users,
to the benefit of the public both in terms of cost and service quality. The proposed system is
acceptable to users. So the proposed system is operationally feasibility.
· Processor – i3
· Hard Disk – 5 GB
· Memory – 1GB RAM
11
5.1 SYSTEM DESIGN
CLASS DIAGRAM:
A class is a description of a set of objects that share the same attributes, operations,
relationships, and semantics. A class implements one or more interfaces. Graphically a class is
rendered as a rectangle, usually including its name, attributes and operations, as shown below.
12
USE CASE DIAGRAM:
Use case is a description of a set of sequence of actions that a system performs that yields an
observable result of value to a particular thing in a model. Graphically, Use Case is rendered as an
ellipse with dashed lines, usually including only its name as shown below.
13
ACTIVITY DIAGRAM:
An Activity Diagram is essentially a flow chart showing flow of control from activity to
activity. They are used to model the dynamic aspects of a system. They can also be used to model the
flow of an object as it moves from state to state at different points in the flow of control.
6.1 IMPLEMENTATION
package ysnyldrm.com.mysa;
import android.content.DialogInterface;
import android.content.Intent;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Bundle;
import android.support.v7.app.AlertDialog;
import android.support.v7.app.AppCompatActivity;
import android.view.View;
import android.widget.Button;
import android.widget.TextView;
import android.widget.Toast;
import android.widget.ViewSwitcher;
import com.multidots.fingerprintauth.AuthErrorCodes;
import com.multidots.fingerprintauth.FingerPrintAuthCallback;
import com.multidots.fingerprintauth.FingerPrintAuthHelper;
import com.multidots.fingerprintauth.FingerPrintUtils;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_fingerprint);
/* if(sqliteHelper2.getGuid() == null){
Toast toast = Toast.makeText(FingerprintActivity.this,"Your OTG device is not registered
please restart the application ! ", Toast.LENGTH_LONG);
toast.setGravity(Gravity.CENTER, 0, 0);
toast.show();
// sqliteHelper.dropTable2();
sqliteHelper.dropTable();
} */
mGoToPasswordBtn.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
startActivity(new Intent(getApplicationContext(), PasswordActivity.class));
}
});
mGoToSettingsBtn.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
FingerPrintUtils.openSecuritySettings(getApplicationContext());
}
});
@Override
protected void onResume() {
super.onResume();
mGoToSettingsBtn.setVisibility(View.GONE);
@Override
protected void onPause() {
super.onPause();
mFingerPrintAuthHelper.stopAuth();
}
@Override
public void onNoFingerPrintHardwareFound() {
//mAuthMsgTv.setText("Your device does not have finger print scanner. Please type 1234 to
authenticate.");
//mSwitcher.showNext();
//Password activity ye geçiş
startActivity(new Intent(getApplicationContext(), PasswordActivity.class));
}
@Override
public void onNoFingerPrintRegistered() {
mAuthMsgTv.setText("There are no finger prints registered on this device. Please register your
finger from settings.");
mGoToSettingsBtn.setVisibility(View.VISIBLE);
//butonu düzenle
}
16
@Override
public void onBelowMarshmallow() {
//mAuthMsgTv.setText("You are running older version of android that does not support finger
print authentication. Please type 1234 to authenticate.");
//mSwitcher.showNext();
//Password activity ye geçiş
startActivity(new Intent(getApplicationContext(), PasswordActivity.class));
}
@Override
public void onAuthSuccess(FingerprintManager.CryptoObject cryptoObject) {
Toast.makeText(FingerprintActivity.this, "Authentication succeeded.",
Toast.LENGTH_SHORT).show();
//OTP aşamasına geçiş
startActivity(new Intent(getApplicationContext(), OtpActivity.class));
}
@Override
public void onAuthFailed(int errorCode, String errorMessage) {
switch (errorCode) {
case AuthErrorCodes.CANNOT_RECOGNIZE_ERROR:
mAuthMsgTv.setText("Cannot recognize your finger print. Please try again.");
break;
case AuthErrorCodes.NON_RECOVERABLE_ERROR:
//mAuthMsgTv.setText("Cannot initialize finger print authentication. Please type 1234 to
authenticate.");
//mSwitcher.showNext();
//passworda gidecek
startActivity(new Intent(getApplicationContext(), PasswordActivity.class));
break;
case AuthErrorCodes.RECOVERABLE_ERROR:
mAuthMsgTv.setText(errorMessage);
break;
}
}
@Override
public void onBackPressed() {
new AlertDialog.Builder(this).setIcon(android.R.drawable.ic_dialog_alert).setTitle("Exit")
.setMessage("Are you sure for exit the application?")
.setPositiveButton("Yes", new DialogInterface.OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
package ysnyldrm.com.mysa;
import android.Manifest;
import android.annotation.SuppressLint;
import android.app.ProgressDialog;
import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.os.Build;
import android.os.Bundle;
import android.os.Handler;
import android.support.annotation.RequiresApi;
import android.support.design.widget.Snackbar;
import android.support.design.widget.TextInputLayout;
import android.support.v4.app.ActivityCompat;
import android.support.v4.content.ContextCompat;
import android.support.v7.app.AlertDialog;
import android.support.v7.app.AppCompatActivity;
import android.telephony.TelephonyManager;
import android.util.Log;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
18
TextInputLayout textInputLayoutUserName;
TextInputLayout textInputLayoutEmail;
TextInputLayout textInputLayoutPassword;
TextInputLayout textInputLayoutPhoneNumber;
//Declaration Button
Button buttonRegister;
//Declaration SqliteHelper
SqliteHelper sqliteHelper;
SqliteHelper sqliteHelper;
String Phone;
String randomNumber;
private TextView time;
Button send;
EditText edt;
String usersCode;
String validationNumber;
int counter = 5;
private SmsVerifyCatcher smsVerifyCatcher;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_otp);
send = (Button) findViewById(R.id.reSend);
edt = (EditText) findViewById(R.id.editTextNum);
LinearTimerView linearTimerView = (LinearTimerView)
findViewById(R.id.linearTimer);
sqliteHelper = new SqliteHelper(this);
Phone = "0" + sqliteHelper.getPhoneNumber();
randomNumberGenerator();
refreshTimer();
sendOTP();
final EditText etCode = (EditText) findViewById(R.id.editTextNum);
smsVerifyCatcher = new SmsVerifyCatcher(this, new OnSmsCatchListener<String>() {
@Override
public void onSmsCatch(String message) {
String code = parseCode(message);//Parse verification code
etCode.setText(code);//set code in edit text
//then you can send verification code to server
otoValidateNextOTG();
}
});
}
public void sendOTP(){
try {
send.setVisibility(View.GONE);
SmsManager smsManager = SmsManager.getDefault();
smsManager.sendTextMessage(Phone, null, randomNumber, null, null);
}
else{
Toast.makeText(OtpActivity.this, " Validation is unsuccesful , please wait the timer and re-
send OTP !", Toast.LENGTH_LONG).show();
counter--;
if(counter == 0){
Toast.makeText(OtpActivity.this, " Login attemp is failed, you are redirecting to login
page !", Toast.LENGTH_LONG).show();
Intent intent = new Intent(this,FingerprintActivity.class);
startActivity(intent);
}
}
}
public void validate(View view){
usersCode = edt.getText().toString();
if(validationNumber.matches(usersCode)){
21
}
}, 4000); */
package ysnyldrm.com.mysa;
import android.content.DialogInterface;
import android.content.Intent;
import android.os.Bundle;
import android.support.design.widget.Snackbar;
import android.support.design.widget.TextInputLayout;
import android.support.v7.app.AlertDialog;
import android.support.v7.app.AppCompatActivity;
import android.text.Html;
import android.text.Spanned;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
public class PasswordActivity extends AppCompatActivity {
//Declaration EditTexts
EditText editTextEmail;
EditText editTextPassword;
//Declaration TextInputLayout
TextInputLayout textInputLayoutEmail;
TextInputLayout textInputLayoutPassword;
//Declaration Button
Button buttonLogin;
//Declaration SqliteHelper
SqliteHelper sqliteHelper;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_password);
sqliteHelper = new SqliteHelper(this);
initViews();
if (validate()) {
//Get values from EditText fields
String Email = editTextEmail.getText().toString();
String Password = editTextPassword.getText().toString();
char[] Pw = Password.toCharArray();
byte[] bytePw = hash(Pw);
String hashedPassword = new String(bytePw);
Password = hashedPassword;
//Authenticate user
User currentUser = sqliteHelper.Authenticate(new User(null, null, Email, Password,
null, null));
//Check Authentication is successful or not
if (currentUser != null) {
}
});
}
package ysnyldrm.com.mysa;
import android.content.ContentValues;
import android.content.Context;
import android.database.Cursor;
import android.database.sqlite.SQLiteDatabase;
import android.database.sqlite.SQLiteOpenHelper;
public class SqliteHelper extends SQLiteOpenHelper {
//DATABASE NAME
public static final String DATABASE_NAME = "mysadatabase";
24
//DATABASE VERSION
public static final int DATABASE_VERSION = 1;
//TABLE NAME
public static final String TABLE_USERS = "users";
//USER MAIL
public static String loggedUserMail = "";
//TABLE USERS COLUMNS
public static final String KEY_ID = "id";
public static final String KEY_USER_NAME = "username";
public static final String KEY_EMAIL = "email";
public static final String KEY_PASSWORD = "password";
public static final String KEY_PHONENUMBER = "phonenumber";
public static final String KEY_IMEI = "imei";
public static final String SQL_TABLE_USERS = " CREATE TABLE " + TABLE_USERS
+"("
+ KEY_ID + " INTEGER PRIMARY KEY, "
+ KEY_USER_NAME + " TEXT, "
+ KEY_EMAIL + " TEXT, "
+ KEY_PASSWORD + " TEXT, "
+ KEY_PHONENUMBER + " TEXT, "
+ KEY_IMEI + " TEXT"
+ " ) ";
public static String number = "";
SQLiteDatabase sqLiteDatabase;
public SqliteHelper(Context context) {
super(context, DATABASE_NAME, null, DATABASE_VERSION);
}
@Override
public void onCreate(SQLiteDatabase sqLiteDatabase) {
//Create Table when oncreate gets called
sqLiteDatabase.execSQL(SQL_TABLE_USERS);
}
@Override
public void onUpgrade(SQLiteDatabase sqLiteDatabase, int i, int i1) {
//drop table to create new one if database version updated
sqLiteDatabase.execSQL(" DROP TABLE IF EXISTS " + TABLE_USERS);
}
/* public void dropTable2() {
sqLiteDatabase.execSQL("DELETE FROM users");
}
// insert row
long todo_id = db.insert(TABLE_USERS, null, values);
}
public User Authenticate(User user) {
SQLiteDatabase db = this.getReadableDatabase();
Cursor cursor = db.query(TABLE_USERS,// Selecting Table
new String[]{KEY_ID, KEY_USER_NAME, KEY_EMAIL, KEY_PASSWORD,
KEY_PHONENUMBER, KEY_IMEI},//Selecting columns want to query
KEY_EMAIL + "=?",
new String[]{user.email},//Where clause
null, null, null);
if (cursor != null && cursor.moveToFirst() && cursor.getCount() > 0) {
//if cursor has value then in user database there is user associated with this given email
User user1 = new User(cursor.getString(0), cursor.getString(1), cursor.getString(2),
cursor.getString(3), cursor.getString(4), cursor.getString(5));
//Match both passwords check they are same or not
if (user.password.equalsIgnoreCase(user1.password)) {
loggedUserMail = user.email;
return user1;
}
}
return null;
}
public boolean isEmailExists(String email) {
SQLiteDatabase db = this.getReadableDatabase();
Cursor cursor = db.query(TABLE_USERS,// Selecting Table
new String[]{KEY_ID, KEY_USER_NAME, KEY_EMAIL, KEY_PASSWORD,
KEY_PHONENUMBER, KEY_IMEI},//Selecting columns want to query
KEY_EMAIL + "=?",
new String[]{email},//Where clause
null, null, null);
}
public String getImeiNumber() {
SQLiteDatabase db = this.getReadableDatabase();
Cursor cursor = db.query(TABLE_USERS,// Selecting Table
new String[]{KEY_ID, KEY_USER_NAME, KEY_EMAIL, KEY_PASSWORD,
KEY_PHONENUMBER, KEY_IMEI},//Selecting columns want to query
KEY_ID + "=?",
new String[]{"1"},//Where clause
null, null, null);
}
public String getPassword() {
SQLiteDatabase db = this.getReadableDatabase();
Cursor cursor = db.query(TABLE_USERS,// Selecting Table
new String[]{KEY_ID, KEY_USER_NAME, KEY_EMAIL, KEY_PASSWORD,
KEY_PHONENUMBER, KEY_IMEI},//Selecting columns want to query
KEY_ID + "=?",
new String[]{"1"},//Where clause
null, null, null);
}
package ysnyldrm.com.mysa;
27
public User(String id, String username, String email, String password, String phonenumber, String
imei) {
this.id = id;
this.username = username;
this.email = email;
this.password = password;
this.phonenumber = phonenumber;
this.imei = imei;
}
}
28
7.1 TESTING
The completion of a system is achieved only after it has been thoroughly tested. Though this
gives a feel the project is completed, there cannot be any project without going though this stage.
Though the programmer may have taken many precautions not to commit any mistakes that crop up
during the execution stage. Hence in this stage it is decided whether the project can under go the real
time environment execution without any break downs, therefore a package can be rejected even at
this stage.
The testing phase involves the testing of the developed system using various kinds of
data. An elaborated testing of data is prepared and a system is tested using the test data. While
testing, errors are noted and corrections remade, the corrections are also noted for future use.
29
8.1 OUTPUT
Screens:
30
31
9.1 CONCLUSION
In the current state there are many authentication schemes. Some of the schemes are based on
the physical and behavioral properties of the user, and some other authentication schemes are
based on the knowledge of the user such as textual and graphical passwords. Also, there are
other authentication schemes that are based on tokens such as smart cards i.e., based on what
you have [1]. Among the various authentication schemes, the most commonly used schemes
are textual password and tokenbased schemes, or the combination of both. The 3-level
password is a multifactor authentication scheme that combines the features of various
authentication schemes. The first level is the image ordering, where the user selects the same
images in the same order as selected in the registration phase. The second level is the colour
pixel selection, where the user selects a single colour pixel.
This project with three level passwords has been developed in such a manner, that the future
requirements of the user are met. The project is flexible to adapt the changes efficiently without
affecting the present system. In future, there can be a provision to update attendance, results,
and notifications through the web application. We are also planning to implement the web
application on various other platforms like Windows and ios. This is the future scope of our
project.
32
References:
WEBSITES REFERRED:
+ http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnu
mber=6076505&queryText%3DMulti+Level+Password
+ http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnu
mber=5542954&queryText%3DMulti+Level+Password