Contact Now

+91 7385055234

info@gunwantmankar.com

Maharashtra, India

Mon – Sat 9:00am To 6:00pm

Enhanced Secure Login System using Captcha as Graphical Passwords

ABSTRACT:

In today’s digital age, ensuring the security of online user accounts is of paramount importance. Traditional username-password authentication systems are susceptible to various security threats, including password breaches and unauthorized access. To address these concerns, we present an innovative approach in the form of an “Enhanced Secure Login System using Captcha as Graphical Passwords.” This project harnesses the power of Java and MySQL to create a robust, user-friendly, and highly secure authentication system. The core objective of this project is to enhance the security of user login processes while simultaneously improving the user experience. Traditional alphanumeric passwords can be vulnerable to brute-force attacks, dictionary attacks, and phishing attempts. In contrast, graphical passwords based on Captcha images provide a more resilient and user-friendly alternative. Captcha images, which are typically used to distinguish between humans and bots, have proven to be effective in enhancing security. Our system leverages the familiarity of Captcha images to create a novel login experience. Users select graphical elements within Captcha images to create their unique graphical passwords. These graphical passwords are not only more secure but also memorable, reducing the likelihood of password-related issues such as forgotten passwords. Moreover, they are resistant to common attacks, as they require knowledge of both the image structure and the user’s chosen pattern. The “Enhanced Secure Login System” incorporates several key features to provide an enhanced user authentication experience. Users can create their graphical passwords by selecting specific elements within Captcha images, ensuring a highly secure and intuitive login process. User credentials are stored in a MySQL database, safeguarding sensitive information from unauthorized access. The system also boasts a user-friendly interface, reducing the learning curve and enhancing overall accessibility. In addition, it offers robust protection against common attacks such as brute-force, dictionary, and shoulder-surfing attacks. By implementing this “Enhanced Secure Login System,” we aim to provide a secure, user-centric, and efficient solution to the persistent problem of online authentication. This project showcases the fusion of cutting-edge security practices with an improved user experience, ensuring that the login process is both robust and user-friendly. In an era where cybersecurity is of utmost concern, our system offers a reliable means of safeguarding user accounts, ultimately contributing to a safer online environment.

PROJECT OUTPUT VIDEO:

EXISTING SYSTEM:

  • The existing system, which predates the introduction of the “Enhanced Secure Login System,” employed conventional username-password authentication as its primary method of user verification. In this system, users were required to establish passwords that consisted of a combination of letters, numbers, and special characters. These passwords served as the principal means of confirming user identities when accessing their accounts.
  • In terms of security measures, the earlier system employed a basic mechanism to store user credentials in a MySQL database. While this encryption approach provided a fundamental level of security, it did not incorporate the advanced techniques featured in the upgraded system. Consequently, user data stored within the database was less fortified against potential security breaches.
  • From a user experience perspective, the earlier system featured a straightforward login interface. This interface comprised standard input fields for users to enter their usernames and passwords. While this interface was familiar to users, it did not offer the same level of security or user-friendliness as the enhanced system’s graphical password approach.
  • In summary, the earlier system was characterized by its reliance on traditional alphanumeric passwords for user authentication. These passwords, although widely used, were vulnerable to a range of security threats. Furthermore, the system utilized a relatively basic method for safeguarding user credentials in the database. While this system was functional, it was clear that it needed improvement to enhance both security and user experience. Consequently, the development of the “Enhanced Secure Login System using Captcha as Graphical Passwords” was undertaken to address these shortcomings and provide a more robust and user-centric authentication solution.

DISADVANTAGES OF EXISTING SYSTEM:

  • Weak Security: The existing system relies solely on traditional alphanumeric passwords, which are prone to various security threats, including brute-force attacks, dictionary attacks, and password guessing. This leaves user accounts vulnerable to unauthorized access.
  • Password-Related Issues: Users often struggle with remembering complex passwords, leading to frequent password resets and the risk of users resorting to easily guessable passwords, such as “password123.”
  • Lack of User-Friendliness: The alphanumeric password system can be intimidating, especially for less tech-savvy users. This complexity can result in frustration and difficulties during the login process.
  • Limited Resistance to Common Attacks: The existing system lacks robust protection against common cyberattacks, such as brute-force attacks, where attackers repeatedly attempt to guess passwords until they succeed.
  • Inadequate Password Recovery: In the event that users forget their passwords, the existing system may have limited or cumbersome password recovery options, potentially causing user inconvenience.
  • Risk of Phishing: Since users are accustomed to entering passwords in a standard login form, they may fall victim to phishing attacks where attackers impersonate legitimate login screens to steal user credentials.
  • No Multi-Factor Authentication (MFA): The existing system does not incorporate multi-factor authentication, which adds an additional layer of security by requiring users to provide multiple forms of verification.
  • Limited Security Logging and Monitoring: The system may lack comprehensive logging and monitoring capabilities, making it challenging to detect and respond to suspicious activities in real-time.
  • Security Compliance: Depending on the application’s purpose, the existing system may not meet industry or regulatory security standards, potentially exposing the organization to legal and compliance risks.
  • Password Reuse: Users might reuse passwords across multiple accounts, which can lead to security vulnerabilities if one account is compromised, affecting others as well.
  • In light of these disadvantages, it becomes evident that the existing system has several limitations in terms of security, user experience, and adaptability to modern security standards. Upgrading to a more secure and user-friendly authentication solution, such as the “Enhanced Secure Login System using Captcha as Graphical Passwords,” is essential to mitigate these shortcomings and enhance overall security.

PROPOSED SYSTEM:

  • The proposed system, “Enhanced Secure Login System using Captcha as Graphical Passwords,” introduces a comprehensive and secure approach to user registration, authentication, file upload, and download. This system enhances security through the use of graphical Captcha images and requires admin approval for user access.
  • In the proposed system, first the Users initiate the registration process by providing their personal details, including name, username, password, email, and phone number. Importantly, users must select one Captcha image from a set of three options presented during registration. They are also required to correctly enter the code displayed within the selected Captcha image. Once the user completes these steps, the registration process is considered complete
  • In the proposed system, after user registration, admin approval is a mandatory step. Users cannot log in until they receive approval from the admin. Admin reviews the user’s registration details and decides whether to approve or reject the user’s request. If the admin approves the user, the user gains access to the system. However, without admin approval, even if users provide the correct password and Captcha code during login, they will be denied access.
  • 5In the proposed system, Approved users can log in by providing their username and password. Upon successful authentication of username and password, the system prompts the user to select the same Captcha image they chose during registration. Only if the user correctly selects the matching Captcha image, they are granted access to the system. Otherwise, access is denied, and the user is temporarily blocked. Admin is the only entity with the authority to reset access. After successful login, users have the option to securely upload files to the system. To upload a file, the system displays an image to the user. The user must select specific coordinates corresponding to the “First Point” and “Second Point” on the image. Once the coordinates are correctly chosen, the user can proceed to select and upload the desired file. This process enhances the security of file uploads.
  • In the proposed system, Approved users can log in by providing their username and password. Upon successful authentication of username and password, the system prompts the user to select the same Captcha image they chose during registration. Only if the user correctly selects the matching Captcha image, they are granted access to the system. Otherwise, access is denied, and the user is temporarily blocked. Admin is the only entity with the authority to reset access. After successful login, users have the option to securely upload files to the system. To upload a file, the system displays an image to the user. The user must select specific coordinates corresponding to the “First Point” and “Second Point” on the image. Once the coordinates are correctly chosen, the user can proceed to select and upload the desired file. This process enhances the security of file uploads.
  • The proposed system Admin has access to a comprehensive view of user activity within the system. Admin can monitor and track the details of both user uploads and downloads, providing transparency and oversight over system usage.
  • In conclusion, the proposed system combines the security of Captcha-based graphical passwords, admin approval, and secure file handling to create a robust and secure user authentication and data management solution. This approach mitigates common security risks and provides administrators with the tools to maintain control and visibility over user activities within the system.

ADVANTAGES OF PROPOSED SYSTEM:

  • Enhanced Security: The use of Captcha as graphical passwords significantly improves security by making it difficult for unauthorized users to gain access, even if they have the correct login credentials.
  • Reduced Risk of Unauthorized Access: Admin approval is a crucial step in the user registration process, ensuring that only authorized individuals are granted access to the system. Unauthorized access attempts are effectively blocked.
  • Protection Against Brute-Force Attacks: The system protects against brute-force attacks as even with the correct username and password, users must correctly select the Captcha image they chose during registration to gain access.
  • Secure File Handling: The system’s file upload and download processes are designed with security in mind. Users can only download files by selecting the exact coordinates chosen during the upload process, preventing unauthorized access to sensitive files.
  • Improved User Authentication: The use of Captcha images as graphical passwords is user-friendly and reduces the risk of password-related issues such as forgotten passwords. Users can easily recognize and remember their chosen graphical passwords.
  • Customizable Captcha Images: The system provides users with the option to select one Captcha image from a set of choices during registration, allowing for personalization and enhancing the user experience.
  • Administrative Oversight: Admins have access to a comprehensive view of user activities, including file uploads and downloads. This oversight ensures accountability and helps detect any suspicious or unauthorized activities.
  • Protection Against Phishing: The use of Captcha images during login protects users from falling victim to phishing attacks since they must verify their chosen graphical password in addition to their regular credentials.
  • Reduced Password Reset Requests: With graphical passwords, users are less likely to forget their login credentials, reducing the number of password reset requests and associated support overhead.
  • Compliance with Security Standards: The proposed system aligns with modern security practices, making it suitable for organizations and applications that require compliance with security standards and regulations.
  • Enhanced User Experience: The combination of security and user-friendliness in the system improves the overall user experience, making it more convenient for users to access and interact with the system.
  • Deterrent to Unauthorized Users: The system’s multi-layered security measures, including Captcha-based graphical passwords and admin approval, act as deterrents to potential unauthorized users, reducing the likelihood of security breaches.
  • In summary, the proposed system offers a range of advantages, including heightened security, improved user authentication, secure file handling, and administrative oversight. These features collectively contribute to a more secure and user-friendly authentication and data management solution.

MODULES:

  • User Registration Module
  • Admin Approval Module
  • User Authentication and Login Module
  • File Upload Module
  • File Download Module
  • Admin Activity Tracking Module

MODULES DESCSRIPTION:

User Registration Module:

    This module handles user registration within the system. Users provide their personal details, including name, username, password, email, and phone number. Importantly, users must select one Captcha image from a set of options and enter the code displayed within the chosen Captcha image. The module ensures that user information is securely stored in the database, including the association between the user and their selected Captcha image. Successful registration initiates the approval process by the admin.

Admin Approval Module:

    Admin approval is a crucial step in user access control. In this module, the admin reviews the registration details of users and decides whether to approve or reject their requests. If the admin approves a user, the user is granted access to the system; otherwise, they remain blocked. This module ensures that only authorized users gain entry, enhancing system security and integrity.

User Authentication and Login Module:

    The User Authentication and Login Module manages the process of user authentication. Approved users can log in by providing their username and password. After successful username and password validation, users are required to select the same Captcha image they chose during registration. If the user correctly selects the matching Captcha image, they gain access to the system. If the Captcha selection is incorrect, access is denied, and only the admin has the authority to reset access.

File Upload Module:

    The File Upload Module allows authenticated users to securely upload files to the system. To enhance security, users are presented with an image and must select specific coordinates corresponding to the “First Point” and “Second Point” on the image. Once the coordinates are correctly chosen, users can select and upload their desired files. This module ensures that file uploads are performed securely and that only authorized users can contribute to the system.

File Download Module:

    Users can retrieve previously uploaded files through the File Download Module. To download a file, users must select the exact coordinates (the same ones chosen during the upload process) on a displayed image. This module ensures that files are only accessible to users who have previously uploaded them, preventing unauthorized access to sensitive data.

Admin Activity Tracking Module:

    The Admin Activity Tracking Module provides the admin with a comprehensive view of user activities within the system. Admins can monitor and track details of both user uploads and downloads, ensuring transparency and oversight over system usage. This module facilitates efficient administration and the ability to detect and respond to any suspicious or unauthorized activities swiftly.

SYSTEM REQUIREMENTS:

HARDWARE REQUIREMENTS:

  • System : Pentium i3 Processor.
  • Hard Disk : 500 GB.
  • Monitor : 15 LED
  • Input Devices : Keyboard, Mouse.
  • Ram : 4 GB

SOFTWARE REQUIREMENTS:

  • Operating system : Windows 10/11.
  • Coding Language : JAVA
  • Frontend : JSP, HTML, CSS, JavaScript.
  • IDE Tool : Apache Netbeans IDE 16.
  • Database : MYSQL