Scribd
Upload
69 views

GUI Based OTP Verification System Using Python

Uploaded by

yasheafc
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
69 views

GUI Based OTP Verification System Using Python

Uploaded by

yasheafc
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 36

GUI Based OTP Verification System Using Python

A PROJECT REPORT

Submitted by:
Devesh Panwar (22BCS11131)
Muskan Kaira (22BCS16007)
Diksha Kumari (22BCS16005)
Yash Shekhar (22BCS17086)
Nalin (22BCS16857)

in partial fulfillment for the award of the degree of

BACHELOR OF ENGINEERING

IN
COMPUTER SCIENCE

Chandigarh University

February – June 2023


BONAFIDE CERTIFICATE
Certified that this project report “GUI based OTP verification system
using Python” is the bonafide work of Devesh Panwar, Muskan Kaira,
Diksha Kumari, Yash Shekhar & Nalin Pradhan who carried out the
project work under my supervision.

SIGNATURE -

Ms. Jyoti
SUPERVISOR

HEAD OF THE DEPARTMENT


Computer Science.

Submitted for the project viva-voce examination held on _________________

INTERNAL EXAMINER EXTERNAL EXAMINER


ACKNOWLEDGEMENT
It gives us the privilege to complete this mid semester project. This is
the only page where we have the opportunity to express my emotions
and gratitude. It is a great pleasure in expressing sincere and deep
gratitude towards my supervisor and guide Ms Jyoti for her valuable
suggestions, guidance, and constant support throughout the completion
of this project named “GUI based OTP verification system using
Python”. This project, though done by us, wouldn't be possible without
the support of varied people, who by their cooperation have helped us
in bringing out this project successfully. I am really very thankful to
Chandigarh University for providing me such a great opportunity to
make such a wonderful project which can solve real-life problems and
extremely valuable handson experience along with crucial soft skills
such as working in a team, communication skills, and much more. I also
offer my most sincere thanks to every team member of our group who
was working rigorously on this project and staff members of the BE –
Computer Science and Engineering Department, University Institute of
Engineering, Chandigarh University for cooperation provided by them
in every possible way. We thank all the faculty members and other
supporting staff for the help they provided to us for the completion of
our project.

Yash Shekhar
Nalin Pradhan
Diksha Kumari
Devesh Panwar
Muskan Kaira

(Student B.E. CSE, 2nd semester)


TABLES OF CONTENT

CHAPTER 1. INTRODUCTION
1.1 Identification of client .................................................................................................... 3

1.2 Identification of problem ................................................................................................ 3

1.3 Identification of task ........................................................................................................ 4

1.4 Timeline ............................................................................................................................ 5

1.5 Organization of report ........................................................................................................ 6

CHAPTER 2. LITERATURE REVIEW/BACKGROUND STUDY


2.1 Timeline of the reported problem.................................................................................................... 7

2.2 Existing solution ............................................................................................................................... 8

2.3 Bibliometric analysis….................................................................................................................... 8

2.4 Review summary ................................................................................................................................ 9

2.5 Problem definition............................................................................................................................... 9

2.6 Goals/Objectives .................................................................................................................................. 10

CHAPTER 3. DESIGN FLOW/PROCESS

3.1 Evaluation & selection of specifications/features ........................................................... 11


3.2 Design Constraints .......................................................................................................... 11

3.3 Design selection ............................................................................................................... 12

3.4 Design flow… ................................................................................................................ 13

3.5 Implementation plan/methodology .................................................................................. 14

CHAPTER 4. RESULT ANALYSIS AND VALIDATION


4.1 Result and testing ................................................................................................................. 14

CHAPTER 5. CONCLUSION AND FUTURE SCOPE


5.1 Future work ........................................................................................................................... 15

5.2 Conclusion ........................................................................................................................... 15

2
INTRODUCTION

1.1. Identification of Client:

OTP verification system allows an individual to protect their data. In addition to this, OTP
verification system is also used by businesses to secure their employee’s data as well as Bank
uses OTP verification system to secure Client’s data. OTP verification system may sound a
common thing but it plays a key role everywhere in our day-today-world. OTP can be generated
using a variety of user authentication or they can be generated separately and sent to users via
massage, emails or other means.

An OTP verification system (or) model may be required for the following reasons by a client:

• Data Security: OTP verification system provides data security to banks. Such as, personal
details of clients, etc. Which can be misused to get advantage and that’s something that can
destroy a Bank or Company’s reputation among the public.

• Reduce Data Leaking Risks: Many Businesses fall due to data leaking of clients,
Organization but to reduce that Data leaking risks every individual or businesses need an
OTP verification system to secure their confidential details. It reduces the probability of
leakage of data. OTPs enabled companies to overcome a major authentication issues.

• Cyber-Attacks Aware Employees: Understanding Cyber-Attacks can help individual and


businesses identify areas where they lack safety and that’s something our OTP verification
system going to do. It will secure your data as well as guides you. It is the mainadvantage of
OTPs over standalone password is that they are immune to replay attacks. Cyber -attacks
are so common nowadays so it is very important to have a strong security system to protect
our data and information from attackers which can be done using OTP authentication
system.

1.2. Relevant Contemporary issue:


There are several contemporary issues related to OTP verification system that
have beendocumented in reports by various agencies. Here are some examples:

1. Number Change: Many people change their mobile numbers without realizing how it’s
going to affect them as their mobile number might be registered to many OTP verification
systems of different app or websites. But the solution is quite simple we just need another
option for these people like an option to get OTP on mobile as well as on email.

2. Data Security: Many people complain their personal data was accessed by a suspicious
person or individual who may misuse the data. Now these cases are a result of leaked data, but
our OTP verification system also guides the individual to be aware of cyber- attacks.

3
1.3 Need of OTP verification system:

OTP verification system can be useful for a wide range of clients, including:

● Individuals - An OTP verification system can help individuals secure their data and
identify areas where they have a chance of data leaking. Also, it guides them to avoid
attacks like social engineering.

● Businesses - Businesses can use OTP verification system to secure their employee or
organization’s data, reduce data leaking, and improve security, which can enhance their
reputation and attract employees.

● Government agencies – OTP verification system can help government agencies to protect
their data, reduce data leaking risks, improve their security to secure confidential details.
Two factor authentication is currently widely adopted. The majority of e-governance
system currently make use of text message to deliver second authentication.

● Banks- Banks can use this OTP verification system to secure login of customers while
accessing their personal details. It secures data leaking, e-stealing, make good reputation
of the bank among the customers and build the trust between Bank and the public. It
provides a strong protection to e-banking and other system containing sensitive data. In
banks many works are done online so there is a high probability of data losses because of
this banks uses OTP system to protect data.

1.3. Identification of Problem:


The problem statement of an OTP verification project is to develop a model that can secure
an organization’s data as well as personal data. OTP verification system is essential for
establishing data security for an organization or an individual. However a completely secured
verification is challenging due to the complex and dynamic nature of hackers and crackers
which is influenced by the various factors such as ML algorithms to crack the OTP, hackers
using keyloggers and similar tricks and hackers using social engineering. The model will be
designed to secures one’s data in real time or for future periods, enabling user to login
securely and give guidance to them for avoiding attacks like social engineering. We will
design this model using python and T-kinter . T-kinter is a standard GUI library for python.
It provides fast and easy way to create GUI application. Although there are several
verification system are already made but we can make it more secure by making better use of
technology.

1.4. Identification of Tasks

• Resources Collection: The goal of resources collection is to obtain a comprehensive and


representative set of knowledge that can be used to draw conclusions, make, or develop
GUI Based OTP verification system. It refers to observing various OTP verification system
which is already made and take idea about our project.

4
• Visualization of the Project: The Resources collected will be used to draw various
insights and be used to forecast the OTP verification system. So, the resources or
knowledge will be processed and formatted in a way so as it is possible to achieve the
desired output. Different methods will be created to do so. It refers making a model of our
project.

• Comparing different OTP verification Algorithms/Literature Review: The next


objective is to pass the dataset to different OTP verification algorithms. Then compare the
different OTP verification algorithms based on the output generated by them. The factors
to be used for comparing the models would be accuracy and recall value.

• Problem Formulation: After formatting the data various graphical insights will be drawn
from the dataset. The insights can include OTP verification in different Models, etc. Some
insights will also be created to make the visualization of the model easier.

• Selecting the suitable OTP verification system model: After comparing all the models
including ours a model will be chosen with best accuracy which will help to do best OTP
variation in upcoming years for several organizations. These models can be used to reduce
data leaking risks and for other purposes by the organization or an individual.

• Using different tools : In this step we use various platforms and programming language
like python , vs code to make our project.

• Testing and training the dataset: The model will be tested and trained on the collected
dataset or resources. Various parameters will be used to further increase the model
accuracy and security.

1.5. Timeline

5
Figure 1.1: GANTT CHART

1.6. Organization of the Report

Chapter 1 Problem Identification: This chapter introduces the project and describes the problem
statement discussed earlier in the report.

Chapter 2 Literature Review: This chapter prevents review for various research papers which
help us to understand the problem in a better way. It also defines what has been done to already
solve the problem and what can be further done.

Chapter 3 Design Flow/ Process: This chapter presents the need and significance of the proposed
work based on literature review. Proposed objectives and methodology are explained. This
presents the relevance of the problem. It also represents logical and schematic plan to resolve the
research problem.

Chapter 4 Result Analysis and Validation: This chapter explains various performance
parameters used in implementation. Experimental results are shown in this chapter. It explains the
meaning of the results and why they matter.

Chapter 5 Conclusion and future scope: This chapter concludes the results and explain the best
method to perform this research to get the best results and define the future scope of study that
explains the extent to which the research area will be explored in the work.

6
Team Roles:
Member Name UID Roles

Devesh Panwar 22BCS11131 • COLLECTION AND MAKING


OF THE PROJECT

• TRAINING OF THE
PROJECT

• VISUALISATION OF THE
PROJECT

Yash Shekhar 22BCS17086 • COLLECTION OF


RESOURCES
Nalin 22BCS16857
• VISUALISATION OF THE
PROJECT

• TRAINING OF THE PROJECT

Diksha Kumari 22BCS16005 • Testing of Project


Muskan Kaira 22BCS16007
• Graphics Design

• Color Selection

Fig: Work plan and Work distribution

2.1 Timeline of reported problem:


An OTP (one time password) was made to improve security and protect sensitivity information
accounts from unauthorized access.

Traditionally user authentication involved a simple username and password combination, which
could be vulnerable to hacking, phishing, or other form of cyber -attacks. An OTP system provides
an additional layer of security beyond traditional authentication methods by requiring users to enter
a unique password that is only valid for a single login session or transaction .

The need for OTP system was identified in response to the growing threat of cyber -attacks and
identify theft.

One of the earliest documented uses of OTPs dates back to the 1960s, when the US government
developed the S.A.M(Secure access module) system for securing access to computer systems. The
S.A.M system used a “one time pad” method for generating OTPs, which involved the use of pre-
shared secret key that was used only once to encrypt a message. This system was widely used in
military and government contexts.

In the 1990s, the OTP system began to be used more widely in the commercial sector, particularly
7
vin the financial industry. One of the earliest commercial OTP -system was developed by OTP
system RSA security, which introduced the SecureID system in 1986. The SecureID system used a
small hardware device called a token that displayed a new OTP every minute.

2.2 Existing solutions:


There are a variety of solutions available to prevent the effects of cyber- attacks and online theft.
Some of these solutions include:

1. Use Strong Passwords: One of the easiest way to prevent cyber -attacks is to use strong
password. Strong passwords are typically long and complex and can be difficult for hackers to
guess or crack.

2. Two – Factor Authentication: Two – Factor authentication is an additional layer of security


that requires users to provide two forms of authentication, such as a password and a verification
code sent to their phone, to access their accounts. This can make it more difficult for hackers to
gain access to sensitive information.

3. Firewalls: Firewalls can be used to block unauthorized access to a network or computer system.
They work by analyzing incoming traffic and blocking any traffic that doesn’t meet certain security
criteria.

4. Anti – Malware software: Anti-Malware software can help in prevent malware and other
malicious programs from infecting a computer system. These programs can scan for viruses,
spyware, and other types of malicious software, and remove them if they are found.

5. Encryption: Encryption is the process of encoding data so that it can only be accessed by
authorized parties. This can help protect sensitive data from unauthorized access or theft.

2.3 Bibliometric analysis:


OTPs are generated only once and are valid for a short duration, making them difficult to reuse by
attackers.

Key Features:
1. OTPs are generated only once and are time sensitive.
2. OTPs are delivered via different channels such as SMS, email, or through mobile app.
3.OTPs are usually used as a second factor authentication method.
4.OTPs can be generated through various algorithms such as TOTP (Time-based one-time
password).

Drawbacks:
1. If the OTP is sent via SMS, it can be intercepted by attackers through various methods such as
SIM swapping or SS7 attacks phishing attacks can be used to trick users into providing OTPs o
attackers.

2. In some cases, the user may lose their device or the device may be stolen, leading to a potential
compromise of the OTP generation process.

8
3. OTPs are only effective if the user is diligent in keeping their device secure and not sharing OTPs
with others.

Effectiveness:
1. OTPs provide an additional layer of security to the authentication method, which increases the
security of the overall authentication process.

2. OTPs are time-sensitive, which means they cannot be reused by attackers after a certain duration,
reducing the window of opportunity for attackers to gain unauthorized access.

3. OTPs are generated through various algorithms, which increases the complexity of the OTP
generation process and makes it difficult for attackers to predict the next OTP.

In conclusion, while OTP verification systems provide an additional layer of security to the
authentication process, they are not without their drawbacks. User must remain vigilant and take
precaution to ensure the security of their device and not share OTPs with others. Overall, OTPs are
an effective method of increasing security of the authentication process and are widely used in
various applications, including online banking and e-commerce.

2.4 Review Summary:


Based on the findings of the literature review on the OTP verification system, it is clear that OTPs
are a widely used method for providing an additional layer of security in the authentication process.

This process information can be useful for a project on OTP verification systems, as it provides a
strong foundation for understanding the importance of OTPs and their effectiveness in increasing
the security of the authentication process.

In conclusion, the findings of the literature review on the OTP verification system can be used to
inform and guide a project on OTP verification system can be used to inform and guide a project on
OTP verification system, including understanding the importance of OTPs, their effectiveness in
increasing security, potential vulnerabilities, and the different algorithms available for generating
OTPs.

2.5 Problem Definition:


The problem definition in OTP verification system is to ensure that a user attempting to access a
system or perform a transaction is who they claim to be. This is achieved by sending a one-time
password to user’s registered mobile number or email address, which they then enter into the
system to verify their identity.

The main objective of OTP verification is to prevent unauthorized access to the system or account,
and protect against fraudulent activities such as identity theft and financial fraud. OTP verification
is commonly used in various industries such as banking, e-commerce, healthcare, and social media
platforms.

9
The main challenge in OTP verification system includes ensuring the security and confidentiality of
the OTP code during transmission and storage, preventing the misuse of OTPs, and designing a
user- friendly interface that is easy to use and understand.

To address this challenges, we have several methods:

1. Use longer OTPs: Longer OTPs can make it more difficult for hackers to guess or crack the
code. Instead of using a 4 or 6 -digit code, use a longer OTP with 8-10 digits.

2. Impliment Rate Limiting: Rate limiting can prevent brute-force attacks on the OTP verification
system. For example, you can limit the number of OTP attempts per minute or per IP address.

3. Use multi-factor authentication: Multi-Factor authentication adds an additional layer of


security to the OTP verification system. For example, you can require users to enter a password and
an OTP, or use biometric authentication along with the OTP.

4. Implement Device Binding: Device binding can help prevent OTP theft and phishing attacks.
With device binding, the OTP is only is only valid for a specific device, such as a user’s
smartphone, and cannot be used on another device.

2.6 Goals/Objectives:
The goals and objectives of OTP verification system are:

1. Increased security: The primary goal of OTP verification system is to increase the security of
online transaction and services by providing a unique code that is valid for a limited time period
typically ranging from 30 second to a few minutes.

2. Protection against identity theft: OTP verification system helps to protect against identity theft
and fraud by ensuring that only authorized users have access to their accounts and personal
information.

3. Preventing unauthorized access: Preventing unauthorized access from hackers or other


malicious actors.

4. Improved user experience: OTP verification system provides a seamless user experience by
eliminating the need to remember complex passwords or answer security questions, making the
login process quick and easy.

5. Compliance with regulations: OTP verification system helps organization comply with various
regulations and other that require strong authentication mechanism to protect sensitive information.

6. Reducing operational costs: OTP verification system reduces the costs associated with
password resets, account lockouts, and other support-related issues by providing a simple and
efficient verification process that requires minimal user intervention.

10
3.1 Evaluation & Selection of Specification/Features
To evaluate and select specifications or features for OTP verification using GUI in python, you can
follow the steps below:

Identify the requirements: First, you need to identify the requirements for OTP verification using
GUI. Some of the requirements might be include the ability to generate OTP codes, the ability to
verify OTP codes, user-friendly GUI, support for multiple OTP delivery method(SMS, email, etc.)
and so on.

Brainstorm potential features: Once you have identified the requirements, you can brainstorm
potential features that can help meet those requirements. For example, if you want to support many
OTP delivery methods, you might consider adding a dropdown menu that allows users to select the
delivery method they prefer.

Prioritize features: Once you have a list of potential features, you need to prioritize them based on
their importance and feasibility. You can use a simple scoring system to rank each feature based on
factors like the level of effort required to implement the feature, the potential impact on user
experience, and the importance of the feature to the overall functionality of the OTP verification
system.

Develop a prototype: Once you have prioritized the features, you can start developing a prototype
that includes the most important features. This will allow to test the functionality of the OTP
verification system and refine the features based on the user feedback.

Test and iterate: After developing the prototype, you need to test the system and iterate based on
user feedback. This might involve adding or removing features, modifying the user interface, or
improving the overall functionality of the system.

Launch and monitor: Once the system is stable and all necessary features have been implemented
you can launch it and monitor its performance. You should continue to collect user feedback and
make improvements as necessary to ensure that the OTP verification system meets the needs of
your users.

Overall, the process of evaluating specifications and features for OTP verification using GUI in
python requires careful planning, prioritization, and testing to ensure that the system meets the
needs of your users and provides a reliable and user friendly experience.

3.2 Design Constraints


There are several design constraints to consider when creating an OTP verification system using
python and a GUI. Here are some important ones:

1 Security: The OTP verification system must be designed to ensure that the generated OTPs are
secure and cannot be easily guessed or intercepted by malicious actors.

2 User interface: The GUI must be designed in a user-friendly and intuitive way so that users can
11
easily navigate and use the system.

3 Integration: The OTP verification system must be designed to easily integrate with each other
systems, such as a user database or an authentication service.

4 Scalability: The system should be designed to handle a large number of OTPs request and
verification simultaneously.

5 Performance: The system should be designed to generate and verify OTPs quickly and
efficiently.

6 Error handling: The system should be designed to handle errors and exceptions gracefully,
providing users with informative error messages and logs.

7 Accessibility: The system should be designed to be accessible to all users, including those with
disabilities.

8 Maintenance: The system should be designed to be easy to maintain and update with clear
documentation and modular code.

By considering these design constraints you can create an effective and secure OTP verification
system using python and a GUI.

3.3 Design Selection


For selection of a design to develop a OTP verification system, we can follow the steps given
below:

1 Choose a GUI library: There are several GUI libraries available for python, such as Tkinter,
wxpython, etc. Choose one that you are comfortable with and that you meet your requirements.

2 Design the GUI: Design the user interface for your OTP verification system. This can include
textboxes for entering phone numbers and OTPs, buttons for submitting the OTP, and labels to
display messages.

3 Integrate SMS API: To send OTPs to user’s phone, you will need to integrate an SMS API such
as Twilio into your python code. Once you have signed up for an account with an SMS provider,
you can obtain the API credentials that you need to send message.

4 Generate OTP: Write a function in python to generate OTPs. You can use the ‘random’ module
to generate random numbers and the ‘string’ module to generate random strings. The OTPs should
be sent to the user’s phone number via SMS.

5 Verify OTP: Write a function to verify the OTP entered by the user. This function should check
whether the OTP entered by the user matches the OTP sent to their phone.

6 Test and deploy: Test your OTP verification system to make sure it works properly, and then
deploy it to your desired environment.

12
3.4 Design Flow
3.4.1 Flowchart:
Below we have shared the block diagram of the project to depict how the entire system will work.

Start
Start

Input field for mobile


Create a GUI Window number and OTP

Send OTP to user via SMS


Generate a random OTP using
gateway
python’s random module

User enters OTP


Add a verify button for OTP
verification

OTPs match display


Compare entered OTP with verification successful
generated OTP message

Add timer to expires OTP after set


OTPs do not match display error time period
message and allow user to retry

End

13
3.4.2 Coding
The coding for creating OTP verification system is done in python coding language by usingvisual studio
code as integrated development environment (IDE) as software. We are also using graphical user interface
(GUI) for making this more interactive to user and for their comfort. GUI is a form of user interface that
allows users to interact with electronic device through a graphical icons.

CODE USED FOR CREATING THE OTP VERIFICATION


SYSTEM –

import tkinter as tk
from tkinter import messagebox
import random
import smtplib

def generate_otp():
otp = random.randint(1000, 9999)
return otp

def send_otp():
email = email_entry.get()
if not email:
messagebox.showerror("Error", "Please enter an email
address")
return

sender_email = "[email protected]"
password = "sfpjnqcuwgosgexc"

server = smtplib.SMTP('smtp.gmail.com', 587)


server.starttls()
server.login(sender_email, password)
14
subject = "OTP Verification System using Python"
body = f"Your OTP is: {otp}"
message = f"Subject: {subject}\n\n{body}"

server.sendmail(sender_email, email, message)


server.quit()

messagebox.showinfo("Success", "OTP sent!")

def verify_otp():
entered_otp = otp_entry.get()
if entered_otp == str(otp):
messagebox.showinfo("Success", "OTP verified!")
else:
messagebox.showerror("Error", "Invalid OTP")

root = tk.Tk()
root.title("OTP Verification")
root.configure(bg='#F0F8FF')
root.geometry("300x200")

email_label = tk.Label(root, text="Enter email address:",


bg='#F0F8FF',font=("Serif", 10))
email_label.pack()

email_entry = tk.Entry(root)
email_entry.pack()

15
send_button = tk.Button(root, text="Send OTP",font=("Serif", 10),
command=send_otp)
send_button.pack()

otp_label = tk.Label(root, text="Enter OTP:", bg='#F0F8FF')


otp_label.pack()

otp_entry = tk.Entry(root)
otp_entry.pack()

verify_button = tk.Button(root, text="Verify OTP",font=("Serif", 10),


command=verify_otp)
verify_button.pack()

otp = generate_otp()
print(f"Generated OTP: {otp}")

root.mainloop().

• --------------------------------

Explanation Of Code –

• import tkinter as tk: This line imports the tkinter module and renames it

to tk for convenience. The tkinter module provides a powerful object-

oriented interface to the Tk GUI toolkit and is used to create the GUI for this

script.

16
• from tkinter import messagebox: This line imports the messagebox class

from the tkinter module. The messagebox class provides a set of dialog

boxes that can be used to display messages to the user.

• import random: This line imports the random module which contains

various functions for generating random numbers.

• import smtplib: This line imports the smtplib module which defines an SMTP

(Simple Mail Transfer Protocol) client session object that can be used to

send mail to any Internet machine with an SMTP or ESMTP listener daemon.

• def generate_otp():: This line defines a function named generate_otp. The

function generates and returns a random 4-digit OTP using

the randint function from the random module.

• otp = random.randint(1000, 9999): This line generates a random integer

between 1000 and 9999 (inclusive) and assigns it to the variable otp.

• return otp: This line returns the value of the variable otp.

• def send_otp():: This line defines a function named send_otp. The function

sends an OTP to the email address entered by the user in the GUI.

• email = email_entry.get(): This line gets the text entered in

the email_entry widget and assigns it to the variable email.

• if not email:: This line checks if the variable email is empty (i.e., if the user

has not entered an email address).

17
• messagebox.showerror("Error", "Please enter an email address"): This line

displays an error message using the showerror method of

the messagebox class if the user has not entered an email address.

• return: This line exits the function if the user has not entered an email

address.

• The next few lines define some variables that will be used to send an email

using the SMTP protocol:

o sender_email = "[email protected]": This line defines the sender’s

email address.

o password = "sfpjnqcuwgosgexc": This line defines the password for the

sender’s email account.

o Note: It is not safe to store passwords in plain text in your code. A safer

approach would be to store them in environment variables or use a

password manager.

• The next few lines create an instance of the SMTP class and log in to the

sender’s email account:

o server = smtplib.SMTP('smtp.gmail.com', 587): This line creates an

instance of the SMTP class and connects to Gmail’s SMTP server on

port 587.

o server.starttls(): This line starts TLS (Transport Layer Security) encryption

for the connection.

18
o server.login(sender_email, password): This line logs in to the sender’s

email account using the email address and password defined earlier.

• The next few lines define some variables that will be used to create an email

message:

o subject = "OTP Verification System using Python": This line defines the

subject of the email.

o body = f"Your OTP is: {otp}": This line defines the body of the email using

an f-string. The f-string includes the value of the variable otp.

o message = f"Subject: {subject}\n\n{body}": This line creates a

complete email message by concatenating the subject and body

with appropriate formatting.

• The next few lines send an email using the SMTP instance created earlier:

• server.sendmail(sender_email, email, message): This line sends an email

from the sender’s email address to the recipient’s email address

(i.e., <Email>) with the message defined earlier.

o server.quit(): This line terminates the SMTP session and closes the

connection to the server.

o messagebox.showinfo("Success", "OTP sent!"): This line displays a

success message using the showinfo method of

the messagebox class to inform the user that the OTP has been sent.

19
o def verify_otp():: This line defines a function named verify_otp. The

function verifies if the OTP entered by the user in the GUI is correct.

o entered_otp = otp_entry.get(): This line gets the text entered in

the otp_entry widget and assigns it to the variable entered_otp.

o if entered_otp == str(otp):: This line checks if the OTP entered by the

user is equal to the OTP generated by the script. The str function is used

to convert the integer value of otp to a string for comparison.

o messagebox.showinfo("Success", "OTP verified!"): This line displays a

success message using the showinfo method of

the messagebox class if the OTP entered by the user is correct.

o else:: This line specifies what should happen if the OTP entered by the

user is not correct.

o messagebox.showerror("Error", "Invalid OTP"): This line displays an

error message using the showerror method of the messagebox class

if the OTP entered by the user is not correct.

• The next few lines create an instance of the Tk class and set some properties

for the main window:

▪ root = tk.Tk(): This line creates an instance of the Tk class. The Tk class

is used to create a main window for a Tkinter application.

▪ root.title("OTP Verification"): This line sets the title of the main window

to “OTP Verification”.

20
▪ root.configure(bg='#F0F8FF'): This line sets the background color of the

main window to a light blue color.

▪ root.geometry("300x200"): This line sets the size of the main window to

300x200 pixels.

• The next few lines create some widgets (i.e., graphical elements) for the

GUI:

▪ email_label = tk.Label(root, text="Enter email address:",

bg='#F0F8FF',font=("Serif", 10)): This line creates a Label widget that

displays some text and sets its properties. The first argument (root)

specifies that this widget should be placed in the main window. The

second argument (text="Enter email address:") specifies that this

widget should display some text. The third argument (bg='#F0F8FF')

specifies that this widget should have a light blue background color.

The fourth argument (font=("Serif", 10)) specifies that this widget should

use a Serif font with a size of 10 points.

• email_label.pack(): This line uses the pack method to place

the email_label widget in the main window. The pack method is one of

several geometry managers available in Tkinter that can be used to control

the placement of widgets in a window.

• email_entry = tk.Entry(root): This line creates an Entry widget that allows the

user to enter some text and sets its properties. The first argument (root)

specifies that this widget should be placed in the main window.

21
• email_entry.pack(): This line uses the pack method to place

the email_entry widget in the main window.

• send_button = tk.Button(root, text="Send OTP",font=("Serif", 10),

command=send_otp): This line creates a Button widget that displays some

text and sets its properties. The first argument (root) specifies that this widget

should be placed in the main window. The second argument (text="Send

OTP") specifies that this widget should display some text. The third argument

(font=("Serif", 10)) specifies that this widget should use a Serif font with a size

of 10 points. The fourth argument (command=send_otp) specifies that this

widget should call the send_otp function when clicked.

• send_button.pack(): This line uses the pack method to place

the send_button widget in the main window.

• otp_label = tk.Label(root, text="Enter OTP:", bg='#F0F8FF'): This line creates

another Label widget that displays some text and sets its properties. The first

argument (root) specifies that this widget should be placed in the main

window. The second argument (text="Enter OTP:") specifies that this widget

should display some text. The third argument (bg='#F0F8FF') specifies that

this widget should have a light blue background color.

• otp_label.pack(): This line uses the pack method to place

the otp_label widget in the main window.

22
• otp_entry = tk.Entry(root): This line creates another Entry widget that allows

the user to enter some text and sets its properties. The first argument (root)

specifies that this widget should be placed in the main window.

• otp_entry.pack(): This line uses the pack method to place

the otp_entry widget in the main window.

• verify_button = tk.Button(root, text="Verify OTP",font=("Serif", 10),

command=verify_otp): This line creates another Button widget that displays

some text and sets its properties. The first argument (root) specifies that this

widget should be placed in the main window. The second argument

(text="Verify OTP") specifies that this widget should display some text. The

third argument (font=("Serif", 10)) specifies that this widget should use a Serif

font with a size of 10 points. The fourth argument (command=verify_otp)

specifies that this widget should call the verify_otp function when clicked.

• verify_button.pack(): This line uses the pack method to place

the verify_button widget in the main window.

• otp = generate_otp(): This line calls the generate_otp function to generate

an OTP and assigns the returned value to the variable otp.

• print(f"Generated OTP: {otp}"): This line prints the generated OTP to the

console using an f-string. The f-string includes the value of the variable otp.

• root.mainloop(): This line enters the Tkinter main loop. The main loop is

responsible for handling events such as button clicks and updating the GUI.

This line must be called last in a Tkinter script.

23
3.5 Implementation plan and methodology
1. Understand the requirements: Before starting the design it’s essential to understand the requirement of
the OTP verification system. This includes the purpose of the system, the userflow, and features of that the
system need to have. For example, in our case, we need to design a system that generates OTPs to
authenticate user’s phone numbers.

2. Choose a GUI library: As I mentioned earlier, there are several GUI libraries available forpython. Choose
one that meets your requirements and that you are comfortable with.
Consider factors like ease of use, documentation, community support, and compatibility withyour
development environment.

3. Plan the system architecture: Once you have a clear idea of the requirements and the GUIdesign, plan the
system architecture. This includes deciding on the programming language, libraries, and frameworks to use.
For our OTP verification system, we will be using python.

4. Write the code: Now that you have a plan, start writing the code for your OTP verificationsystem. Begin
with the backend functionality, such as generating OTPs, sending SMS message and verifying OTPs. Once
the backend is ready move on to the GUI code and integrate it with backend functionality.

5. Test the system: Test the system thoroughly to ensure that it works correctly and meets therequirements.
Test each component individually and the test the system as a whole. Use both positive and negative test
cases to ensure that the system handles all scenarios correctly.

6. Maintain the system: Regularly maintain the system to ensure that it remains up to dateand secure.
This includes updating libraries and frameworks, fixing bugs, and adding new features as required.

24
SCREENSHOTS / IMPLEMENTATION OF THE CODE –

Step 1 –

25
Step 2 –

26
Step 3 –

27
Step 4 –

28
Step 5 –

29
Step 6 –

30
Step 7 –

31
Step 8 –

32
4.1 Result and testing
The result of our semester project showcase the successful development and implementation
of OTP verification system based using python based on GUI. It verifies mobile number of
user by sending a unique OTP verification code during registration and login.

5.1 Future work


• Nowadays OTP verification is widely used in field of authentication. From a security
purpose, we expect to see the industry move in the direction of multimode biometrics
which combines identifiers like fingerprints, voice, face recognition, iris patterns to
produce high reliability biometrics matching. Combining biometric factors in this manner
can produce nearly flawless biometric matching that is hundred of times more reliable
than using a single factor.
• OTP verification can be combined with other authentication factors such as biometrics
(fingerprint, facial recognition), hardware tokens, or behavioral analysis for enhanced
security. Python can be used to integrate these additional authentication methods into the
OP verification system.
• As security threats evolve, there is a constant need to improve encryption techniques to
protect TPs during transmission and storage. Python can be used to implement robust
encryption algorithms and protocols.
• Future OT systems can leverage Python's asynchronous programming capabilities to
provide real-time OT delivery and synchronization across multiple devices.
• Python's extensive machine learning libraries, such as TensorFlow and scikit-learn, can be
utilized to build models that detect anomalous OT usage patterns. This can help identify
potential fraud or unauthorized access attempts. improving the overall security of the
system.
• Blockchain technology offers inherent security and transparency. Python can be used to
integrate OTP verification systems with blockchain networks, ensuring immutability and
traceability of OT transactions and enhancing the overall security and trustworthiness of
the system.
• With the increasing focus on data privacy and security regulations, future OT verification
systems may need to adapt to new requirements. Python can be used to implement the
necessary compliance measures and ensure adherence to these regulations.

Remember, the future scope of OTP verification systems using Python is


not limited to these points, and new advancements and requirements may
arise as technology evolves. It is essential to stay updated with the latest
trends, security practices, and advancements in the field to design and
implement robust and secure OTP verification systems.

33
5.2 Conclusion
OTP based secure authentication has been implemented and the result have been incorporated
in this paper. It is concluded that OTP as a stand - alone security system provides a basic
level of security. To enhance the level of security provided, OTP can be multiplied with other
security systems and biometric authentication. The backend database can also be
implemented using different languages like JavaScript for further enhancement of security.

References
1. Sagar Acharya, "Two Factor Authentication Using Smartphone Generated One Time
Password ", IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661, p-
ISSN: 2278-8727Volume 11, Issue2 (May. - Jun. 2013), PP 85-90 www.iosrjournals.org.

2. Collin Mulliner, "SMS-Based One-Time Passwords: Attacks and Defense", North-eastern


University [email protected].

3. Dinei Florence, "One-Time Password Access to Any Server without Changing the Server”,
Microsoft Research, One Microsoft Way, Redmond, WA [email protected],
[email protected].

4. M. Viju Prakash, "Eliminating Vulnerable Attacks Using One-Time Password and Pass
Text – Analytical Study of Blended Schema", Universal Journal of Computer Science and
Engineering Technology1 (2), 133-140, Nov. 2010. © 2010 UniCSE, ISSN: 2219-2158

34

You might also like