Fortify Your Apps: Implementing OTP

Verification in Python

Submitted By –

Mr Abhishek Kumar, Chandigarh University

Mrs Jaspreet Kaur, Chandigarh University

 TABLES OF CONTENT

CHAPTER 1. INTRODUCTION
Identification of client.........................................................................................................3

Identification of problem.....................................................................................................3

• Identification of task.........................................................................4

Timeline.................................................................................................................................5

Organization of report.............................................................................................................6

CHAPTER 2. LITERATURE REVIEW/BACKGROUND STUDY

Timeline of the reported problem........................................................................................................7

Existing solution....................................................................................................................................8

Bibliometric analysis…........................................................................................................................8

Review summary....................................................................................................................................9

Problem definition...................................................................................................................................9

Goals/Objectives.......................................................................................................................................10

CHAPTER 3. DESIGN FLOW/PROCESS

Evaluation & selection of specifications/features................................................................11

Design Constraints................................................................................................................11

Design selection.....................................................................................................................12

Design flow..........................................................................................................................13

Implementation plan/methodology........................................................................................14

CHAPTER 4. RESULT ANALYSIS AND VALIDATION

4.1 Result and testing.................................................................................................................14

CHAPTER 5. CONCLUSION AND FUTURE SCOPE

Future work................................................................................................................................15

Conclusion................................................................................................................................15

2
 INTRODUCTION

Identification of Client:

OTP verification system allows an individual to protect their data. In addition to this, OTP
verification system is also used by businesses to secure their employee’s data as well as Bank
uses OTP verification system to secure Client’s data. OTP verification system may sound a
common thing but it plays a key role everywhere in our day-today-world. OTP can be
generated using a variety of user authentication or they can be generated separately and sent to
users via massage, emails or other means.

An OTP verification system (or) model may be required for the following reasons by a client:

• Data Security: OTP verification system provides data security to banks. Such as,
personal details of clients, etc. Which can be misused to get advantage and that’s
something that can destroy a Bank or Company’s reputation among the public.

• Reduce Data Leaking Risks: Many Businesses fall due to data leaking of clients,
Organization but to reduce that Data leaking risks every individual or businesses need an
OTP verification system to secure their confidential details. It reduces the probability of
leakage of data. OTPs enabled companies to overcome a major authentication issues.

• Cyber-Attacks Aware Employees: Understanding Cyber-Attacks can help individual

and businesses identify areas where they lack safety and that’s something our OTP
verification system going to do. It will secure your data as well as guides you. It is the
mainadvantage of OTPs over standalone password is that they are immune to replay
attacks. Cyber -attacks are so common nowadays so it is very important to have a strong
security system to protect our data and information from attackers which can be done
using OTP authentication system.

Relevant Contemporary issue:

There are several contemporary issues related to OTP verification system that
have beendocumented in reports by various agencies. Here are some
examples:

1. Number Change: Many people change their mobile numbers without realizing how it’s
going to affect them as their mobile number might be registered to many OTP
verification systems of different app or websites. But the solution is quite simple we just
need another option for these people like an option to get OTP on mobile as well as on
email.

2. Data Security: Many people complain their personal data was accessed by a suspicious
person or individual who may misuse the data. Now these cases are a result of leaked data, but
our OTP verification system also guides the individual to be aware of cyber- attacks.
3
 1.3 Need of OTP verification system:

OTP verification system can be useful for a wide range of clients, including:

● Individuals - An OTP verification system can help individuals secure their data and
identify areas where they have a chance of data leaking. Also, it guides them to avoid
attacks like social engineering.

● Businesses - Businesses can use OTP verification system to secure their employee or
organization’s data, reduce data leaking, and improve security, which can enhance their
reputation and attract employees.

● Government agencies – OTP verification system can help government agencies to

protect their data, reduce data leaking risks, improve their security to secure confidential
details. Two factor authentication is currently widely adopted. The majority of e-
governance system currently make use of text message to deliver second authentication.

● Banks- Banks can use this OTP verification system to secure login of customers while
accessing their personal details. It secures data leaking, e-stealing, make good reputation
of the bank among the customers and build the trust between Bank and the public. It
provides a strong protection to e-banking and other system containing sensitive data. In
banks many works are done online so there is a high probability of data losses because of
this banks uses OTP system to protect data.

Identification of Problem:
The problem statement of an OTP verification project is to develop a model that can secure
an organization’s data as well as personal data. OTP verification system is essential for
establishing data security for an organization or an individual. However a completely
secured verification is challenging due to the complex and dynamic nature of hackers and
crackers which is influenced by the various factors such as ML algorithms to crack the OTP,
hackers using keyloggers and similar tricks and hackers using social engineering. The model
will be designed to secures one’s data in real time or for future periods, enabling user to
login securely and give guidance to them for avoiding attacks like social engineering. We
will design this model using python and T-kinter . T-kinter is a standard GUI library for
python. It provides fast and easy way to create GUI application. Although there are several
verification system are already made but we can make it more secure by making better use
of technology.

Identification of Tasks

• Resources Collection: The goal of resources collection is to obtain a comprehensive and

representative set of knowledge that can be used to draw conclusions, make, or develop
GUI Based OTP verification system. It refers to observing various OTP verification
system which is already made and take idea about our project.

4
 • Visualization of the Project: The Resources collected will be used to draw various
insights and be used to forecast the OTP verification system. So, the resources or
knowledge will be processed and formatted in a way so as it is possible to achieve the
desired output. Different methods will be created to do so. It refers making a model of our
project.

• Comparing different OTP verification Algorithms/Literature Review: The next

objective is to pass the dataset to different OTP verification algorithms. Then compare
the different OTP verification algorithms based on the output generated by them. The
factors to be used for comparing the models would be accuracy and recall value.

• Problem Formulation: After formatting the data various graphical insights will be
drawn from the dataset. The insights can include OTP verification in different Models,
etc. Some insights will also be created to make the visualization of the model easier.

• Selecting the suitable OTP verification system model: After comparing all the models
including ours a model will be chosen with best accuracy which will help to do best OTP
variation in upcoming years for several organizations. These models can be used to
reduce data leaking risks and for other purposes by the organization or an individual.

• Using different tools : In this step we use various platforms and programming language
like python , vs code to make our project.

• Testing and training the dataset: The model will be tested and trained on the collected
dataset or resources. Various parameters will be used to further increase the model
accuracy and security.

Timeline

5
 Figure 1.1: GANTT CHART

Organization of the Report

Chapter 1 Problem Identification: This chapter introduces the project and describes the
problem statement discussed earlier in the report.

Chapter 2 Literature Review: This chapter prevents review for various research papers which
help us to understand the problem in a better way. It also defines what has been done to already
solve the problem and what can be further done.

Chapter 3 Design Flow/ Process: This chapter presents the need and significance of the
proposed work based on literature review. Proposed objectives and methodology are explained.
This presents the relevance of the problem. It also represents logical and schematic plan to
resolve the research problem.

Chapter 4 Result Analysis and Validation: This chapter explains various performance
parameters used in implementation. Experimental results are shown in this chapter. It explains the
meaning of the results and why they matter.

Chapter 5 Conclusion and future scope: This chapter concludes the results and explain the
best method to perform this research to get the best results and define the future scope of study
that explains the extent to which the research area will be explored in the work.

6
 Team Roles:
Member Name UID Roles

Devesh Panwar 22BCS11131 • COLLECTION AND MAKING

OF THE PROJECT

• TRAINING OF THE
PROJECT

• VISUALISATION OF THE
PROJECT

22BCS17086 • COLLECTION OF
Yash Shekhar RESOURCES
Nalin 22BCS16857
• VISUALISATION OF THE
PROJECT

• TRAINING OF THE PROJECT

Diksha Kumari 22BCS16005 • Testing of Project

Muskan Kaira 22BCS16007
• Graphics Design

• Color Selection

Fig: Work plan and Work distribution

Timeline of reported problem:

An OTP (one time password) was made to improve security and protect sensitivity
information accounts from unauthorized access.

Traditionally user authentication involved a simple username and password combination, which
could be vulnerable to hacking, phishing, or other form of cyber -attacks. An OTP system provides
an additional layer of security beyond traditional authentication methods by requiring users to
enter a unique password that is only valid for a single login session or transaction .

The need for OTP system was identified in response to the growing threat of cyber -attacks
and identify theft.

One of the earliest documented uses of OTPs dates back to the 1960s, when the US government
developed the S.A.M(Secure access module) system for securing access to computer systems.
The
S.A.M system used a “one time pad” method for generating OTPs, which involved the use of
pre- shared secret key that was used only once to encrypt a message. This system was widely
used in military and government contexts.

In the 1990s, the OTP system began to be used more widely in the commercial sector, particularly
7
vin the financial industry. One of the earliest commercial OTP -system was developed by OTP
system RSA security, which introduced the SecureID system in 1986. The SecureID system used
a small hardware device called a token that displayed a new OTP every minute.

Existing solutions:
There are a variety of solutions available to prevent the effects of cyber- attacks and online
theft. Some of these solutions include:

1. Use Strong Passwords: One of the easiest way to prevent cyber -attacks is to use strong
password. Strong passwords are typically long and complex and can be difficult for hackers
to guess or crack.

2. Two – Factor Authentication: Two – Factor authentication is an additional layer of

security that requires users to provide two forms of authentication, such as a password and a
verification code sent to their phone, to access their accounts. This can make it more difficult
for hackers to gain access to sensitive information.

3. Firewalls: Firewalls can be used to block unauthorized access to a network or computer system.
They work by analyzing incoming traffic and blocking any traffic that doesn’t meet certain
security criteria.

4. Anti – Malware software: Anti-Malware software can help in prevent malware and
other malicious programs from infecting a computer system. These programs can scan for
viruses, spyware, and other types of malicious software, and remove them if they are found.

5. Encryption: Encryption is the process of encoding data so that it can only be accessed
by authorized parties. This can help protect sensitive data from unauthorized access or theft.

Bibliometric analysis:
OTPs are generated only once and are valid for a short duration, making them difficult to reuse by
attackers.

Key Features:
1. OTPs are generated only once and are time sensitive.
2. OTPs are delivered via different channels such as SMS, email,or through mobile
app. 3.OTPs are usually used as a second factor authentication method.
4.OTPs can be generated through various algorithms such as TOTP (Time-based one-
time password).

Drawbacks:
1. If the OTP is sent via SMS, it can be intercepted by attackers through various methods such
as SIM swapping or SS7 attacks phishing attacks can be used to trick users into providing
OTPs o attackers.

2. In some cases, the user may lose their device or the device may be stolen, leading to a
potential compromise of the OTP generation process.

8
3. OTPs are only effective if the user is diligent in keeping their device secure and not sharing
OTPs with others.

Effectiveness:
1. OTPs provide an additional layer of security to the authentication method, which increases
the security of the overall authentication process.

2. OTPs are time-sensitive, which means they cannot be reused by attackers after a certain
duration, reducing the window of opportunity for attackers to gain unauthorized access.

3. OTPs are generated through various algorithms, which increases the complexity of the
OTP generation process and makes it difficult for attackers to predict the next OTP.

In conclusion, while OTP verification systems provide an additional layer of security to the
authentication process, they are not without their drawbacks. User must remain vigilant and take
precaution to ensure the security of their device and not share OTPs with others. Overall, OTPs
are an effective method of increasing security of the authentication process and are widely used in
various applications, including online banking and e-commerce.

Review Summary:
Based on the findings of the literature review on the OTP verification system, it is clear that OTPs
are a widely used method for providing an additional layer of security in the authentication
process.

This process information can be useful for a project on OTP verification systems, as it provides
a strong foundation for understanding the importance of OTPs and their effectiveness in
increasing the security of the authentication process.

In conclusion, the findings of the literature review on the OTP verification system can be used to
inform and guide a project on OTP verification system can be used to inform and guide a project
on OTP verification system, including understanding the importance of OTPs, their effectiveness
in increasing security, potential vulnerabilities, and the different algorithms available for
generating OTPs.

Problem Definition:
The problem definition in OTP verification system is to ensure that a user attempting to access a
system or perform a transaction is who they claim to be. This is achieved by sending a one-time
password to user’s registered mobile number or email address, which they then enter into the
system to verify their identity.

The main objective of OTP verification is to prevent unauthorized access to the system or account,
and protect against fraudulent activities such as identity theft and financial fraud. OTP verification
is commonly used in various industries such as banking, e-commerce, healthcare, and social media
platforms.

9
The main challenge in OTP verification system includes ensuring the security and confidentiality
of the OTP code during transmission and storage, preventing the misuse of OTPs, and designing a
user- friendly interface that is easy to use and understand.

To address this challenges, we have several methods:

1. Use longer OTPs: Longer OTPs can make it more difficult for hackers to guess or crack
the code. Instead of using a 4 or 6 -digit code, use a longer OTP with 8-10 digits.

2. Impliment Rate Limiting: Rate limiting can prevent brute-force attacks on the OTP
verification system. For example, you can limit the number of OTP attempts per minute or per IP
address.

3. Use multi-factor authentication: Multi-Factor authentication adds an additional layer of

security to the OTP verification system. For example, you can require users to enter a password
and an OTP, or use biometric authentication along with the OTP.

4. Implement Device Binding: Device binding can help prevent OTP theft and phishing
attacks. With device binding, the OTP is only is only valid for a specific device, such as a user’s
smartphone, and cannot be used on another device.

Goals/Objectives:
The goals and objectives of OTP verification system are:

1. Increased security: The primary goal of OTP verification system is to increase the security
of online transaction and services by providing a unique code that is valid for a limited time
period typically ranging from 30 second to a few minutes.

2. Protection against identity theft: OTP verification system helps to protect against identity
theft and fraud by ensuring that only authorized users have access to their accounts and personal
information.

3. Preventing unauthorized access: Preventing unauthorized access from hackers or

other malicious actors.

4. Improved user experience: OTP verification system provides a seamless user experience
by eliminating the need to remember complex passwords or answer security questions, making
the login process quick and easy.

5. Compliance with regulations: OTP verification system helps organization comply with various
regulations and other that require strong authentication mechanism to protect sensitive
information.

6. Reducing operational costs: OTP verification system reduces the costs associated with
password resets, account lockouts, and other support-related issues by providing a simple
and efficient verification process that requires minimal user intervention.

10
 Evaluation & Selection of Specification/Features
To evaluate and select specifications or features for OTP verification using GUI in python, you
can follow the steps below:

Identify the requirements: First, you need to identify the requirements for OTP verification
using GUI. Some of the requirements might be include the ability to generate OTP codes, the
ability to verify OTP codes, user-friendly GUI, support for multiple OTP delivery method(SMS,
email, etc.) and so on.

Brainstorm potential features: Once you have identified the requirements, you can brainstorm
potential features that can help meet those requirements. For example, if you want to support
many OTP delivery methods, you might consider adding a dropdown menu that allows users to
select the delivery method they prefer.

Prioritize features: Once you have a list of potential features, you need to prioritize them based
on their importance and feasibility. You can use a simple scoring system to rank each feature based
on factors like the level of effort required to implement the feature, the potential impact on user
experience, and the importance of the feature to the overall functionality of the OTP verification
system.

Develop a prototype: Once you have prioritized the features, you can start developing a
prototype that includes the most important features. This will allow to test the functionality of the
OTP verification system and refine the features based on the user feedback.

Test and iterate: After developing the prototype, you need to test the system and iterate based on
user feedback. This might involve adding or removing features, modifying the user interface, or
improving the overall functionality of the system.

Launch and monitor: Once the system is stable and all necessary features have been
implemented you can launch it and monitor its performance. You should continue to collect user
feedback and make improvements as necessary to ensure that the OTP verification system meets
the needs of your users.

Overall, the process of evaluating specifications and features for OTP verification using GUI
in python requires careful planning, prioritization, and testing to ensure that the system meets
the needs of your users and provides a reliable and user friendly experience.

Design Constraints
There are several design constraints to consider when creating an OTP verification system
using python and a GUI. Here are some important ones:

1 Security: The OTP verification system must be designed to ensure that the generated OTPs
are secure and cannot be easily guessed or intercepted by malicious actors.

2 User interface: The GUI must be designed in a user-friendly and intuitive way so that users can
11
easily navigate and use the system.

3 Integration: The OTP verification system must be designed to easily integrate with each
other systems, such as a user database or an authentication service.

4 Scalability: The system should be designed to handle a large number of OTPs request
and verification simultaneously.

5 Performance: The system should be designed to generate and verify OTPs quickly
and efficiently.

6 Error handling: The system should be designed to handle errors and exceptions
gracefully, providing users with informative error messages and logs.

7 Accessibility: The system should be designed to be accessible to all users, including those
with disabilities.

8 Maintenance: The system should be designed to be easy to maintain and update with
clear documentation and modular code.

By considering these design constraints you can create an effective and secure OTP verification
system using python and a GUI.

Design Selection
For selection of a design to develop a OTP verification system, we can follow the steps
given below:

1 Choose a GUI library: There are several GUI libraries available for python, such as
Tkinter, wxpython, etc. Choose one that you are comfortable with and that you meet your
requirements.

2 Design the GUI: Design the user interface for your OTP verification system. This can
include textboxes for entering phone numbers and OTPs, buttons for submitting the OTP, and
labels to display messages.

3 Integrate SMS API: To send OTPs to user’s phone, you will need to integrate an SMS API
such as Twilio into your python code. Once you have signed up for an account with an SMS
provider, you can obtain the API credentials that you need to send message.

4 Generate OTP: Write a function in python to generate OTPs. You can use the ‘random’
module to generate random numbers and the ‘string’ module to generate random strings. The
OTPs should be sent to the user’s phone number via SMS.

5 Verify OTP: Write a function to verify the OTP entered by the user. This function should
check whether the OTP entered by the user matches the OTP sent to their phone.

6 Test and deploy: Test your OTP verification system to make sure it works properly, and
then deploy it to your desired environment.
12
 Design Flow
Flowchart:
Below we have shared the block diagram of the project to depict how the entire system will work.

Sta
Start
rt
Input field for
Create a GUI Window mobile number and
OTP

Send OTP to user via

Generate a random OTP
SMS gateway
using python’s random
module

User enters OTP

Add a verify button for
OTP verification

OTPs match display verification

successful message
Compare entered OTP
with generated OTP

Add timer to expires OTP after set time

period
OTPs do End
not match display
error message and allow user
to retry

13
 Coding
The coding for creating OTP verification system is done in python coding language by usingvisual studio
code as integrated development environment (IDE) as software. We are also using graphical user interface
(GUI) for making this more interactive to user and for their comfort. GUI is a form of user interface that
allows users to interact with electronic device through a graphical icons.

CODE USED FOR CREATING THE OTP VERIFICATION

SYSTEM –

import tkinter as tk
from tkinter import messagebox
import random
import smtplib

def generate_otp():
otp = random.randint(1000,
9999) return otp

def send_otp():
email =
email_entry.get() if not
email:
messagebox.showerror("Error", "Please enter an
email address")
return

sender_email = "[email protected]"
password = "sfpjnqcuwgosgexc"

server = smtplib.SMTP('smtp.gmail.com', 587)

server.starttls()
server.login(sender_email, password)
14
 subject = "OTP Verification System using
Python" body = f"Your OTP is: {otp}"
message = f"Subject: {subject}\n\n{body}"

server.sendmail(sender_email, email, message)

server.quit()

messagebox.showinfo("Success", "OTP

sent!") def verify_otp():

entered_otp = otp_entry.get()
if entered_otp == str(otp):
messagebox.showinfo("Success", "OTP verified!")
else:
messagebox.showerror("Error", "Invalid OTP")

root = tk.Tk()
root.title("OTP Verification")
root.configure(bg='#F0F8FF')
root.geometry("300x200")

email_label = tk.Label(root, text="Enter email address:",

bg='#F0F8FF',font=("Serif", 10))
email_label.pack()

email_entry =
tk.Entry(root)
email_entry.pack()

15
send_button = tk.Button(root, text="Send OTP",font=("Serif",
10), command=send_otp)
send_button.pack()

otp_label = tk.Label(root, text="Enter OTP:", bg='#F0F8FF')

otp_label.pack()

otp_entry = tk.Entry(root)
otp_entry.pack()

verify_button = tk.Button(root, text="Verify OTP",font=("Serif",

10), command=verify_otp)
verify_button.pack()

otp = generate_otp()
print(f"Generated OTP: {otp}")

root.mainloop().

Explanation Of Code –

 import tkinter as tk: This line imports the tkinter module and

renames it to tk for convenience. The tkinter module provides a

powerful object- oriented interface to the Tk GUI toolkit and is

used to create the GUI for this script.

16
 from tkinter import messagebox: This line imports the

messagebox class from the tkinter module. The messagebox class

provides a set of dialog boxes that can be used to display

messages to the user.

 import random: This line imports the random module which

contains various functions for generating random numbers.

 import smtplib: This line imports the smtplib module which

defines an SMTP (Simple Mail Transfer Protocol) client session

object that can be used to send mail to any Internet machine

with an SMTP or ESMTP listener daemon.

 def generate_otp():: This line defines a function named

generate_otp. The function generates and returns a

random 4-digit OTP using the randint function from the

random module.

 otp = random.randint(1000, 9999): This line generates a random

integer between 1000 and 9999 (inclusive) and assigns it to the

variable otp.

 return otp: This line returns the value of the variable otp.

 def send_otp():: This line defines a function named send_otp. The

function sends an OTP to the email address entered by the

user in the GUI.

 email = email_entry.get(): This line gets the text entered

in the email_entry widget and assigns it to the variable email.

17
 if not email:: This line checks if the variable email is empty (i.e., if

the user has not entered an email address).

18
  messagebox.showerror("Error", "Please enter an email address"):

This line displays an error message using the

showerror method of the messagebox class if the user has

not entered an email address.

 return: This line exits the function if the user has not entered

an email address.

 The next few lines define some variables that will be used to send

an email using the SMTP protocol:

o sender_email = "[email protected]": This line defines the sender’s

email address.

o password = "sfpjnqcuwgosgexc": This line defines the password for the

sender’s email account.

o Note: It is not safe to store passwords in plain text in your code.

A safer approach would be to store them in environment

variables or use a password manager.

 The next few lines create an instance of the SMTP class and log in
to the

sender’s email account:

o server = smtplib.SMTP('smtp.gmail.com', 587): This line

creates an instance of the SMTP class and connects to

Gmail’s SMTP server on port 587.

o server.starttls(): This line starts TLS (Transport Layer Security)

encryption for the connection.

19
 o server.login(sender_email, password): This line logs in to the
sender’s

email account using the email address and password defined

earlier.

 The next few lines define some variables that will be used to

create an email message:

o subject = "OTP Verification System using Python": This line

defines the subject of the email.

o body = f"Your OTP is: {otp}": This line defines the body of the

email using an f-string. The f-string includes the value of the

variable otp.

o message = f"Subject: {subject}\n\n{body}": This line

creates a complete email message by concatenating the

subject and body with appropriate formatting.

 The next few lines send an email using the SMTP instance created
earlier:

 server.sendmail(sender_email, email, message): This line sends

an email from the sender’s email address to the recipient’s

email address (i.e., <Email>) with the message defined

earlier.

o server.quit(): This line terminates the SMTP session and

closes the connection to the server.

o messagebox.showinfo("Success", "OTP sent!"): This line

20
displays a success message using the

showinfo method of the messagebox class to inform the

user that the OTP has been sent.

21
 o def verify_otp():: This line defines a function named

verify_otp. The function verifies if the OTP entered by the

user in the GUI is correct.

o entered_otp = otp_entry.get(): This line gets the text

entered in the otp_entry widget and assigns it to the

variable entered_otp.

o if entered_otp == str(otp):: This line checks if the OTP

entered by the user is equal to the OTP generated by the script.

The str function is used to convert the integer value of otp to a

string for comparison.

o messagebox.showinfo("Success", "OTP verified!"): This line

displays a success message using the

showinfo method of the messagebox class if the OTP

entered by the user is correct.

o else:: This line specifies what should happen if the OTP

entered by the user is not correct.

o messagebox.showerror("Error", "Invalid OTP"): This line

displays an error message using the showerror method of

the messagebox class if the OTP entered by the user is not

correct.

 The next few lines create an instance of the Tk class and set some

properties for the main window:

 root = tk.Tk(): This line creates an instance of the Tk class. The

22
 Tk class is used to create a main window for a Tkinter

application.

 root.title("OTP Verification"): This line sets the title of the main

window

to “OTP Verification”.

23
  root.configure(bg='#F0F8FF'): This line sets the background

color of the main window to a light blue color.

 root.geometry("300x200"): This line sets the size of the main

window to 300x200 pixels.

 The next few lines create some widgets (i.e., graphical

elements) for the GUI:

 email_label = tk.Label(root, text="Enter email address:",

bg='#F0F8FF',font=("Serif", 10)): This line creates a Label

widget that displays some text and sets its properties. The

first argument (root) specifies that this widget should be

placed in the main window. The second argument

(text="Enter email address:") specifies that this widget

should display some text. The third argument (bg='#F0F8FF')

specifies that this widget should have a light blue

background color. The fourth argument (font=("Serif", 10))

specifies that this widget should use a Serif font with a size

of 10 points.

 email_label.pack(): This line uses the pack method to

place the email_label widget in the main window. The pack

method is one of several geometry managers available in Tkinter

that can be used to control the placement of widgets in a

window.

 email_entry = tk.Entry(root): This line creates an Entry widget that

24
allows the user to enter some text and sets its properties. The first

argument (root) specifies that this widget should be placed in

the main window.

25
 email_entry.pack(): This line uses the pack method to

place the email_entry widget in the main window.

 send_button = tk.Button(root, text="Send OTP",font=("Serif", 10),

command=send_otp): This line creates a Button widget that

displays some text and sets its properties. The first argument (root)

specifies that this widget should be placed in the main window. The

second argument (text="Send OTP") specifies that this widget

should display some text. The third argument (font=("Serif", 10))

specifies that this widget should use a Serif font with a size of 10

points. The fourth argument (command=send_otp) specifies that

this widget should call the send_otp function when clicked.

 send_button.pack(): This line uses the pack method to

place the send_button widget in the main window.

 otp_label = tk.Label(root, text="Enter OTP:", bg='#F0F8FF'): This line

creates another Label widget that displays some text and sets its

properties. The first argument (root) specifies that this widget

should be placed in the main window. The second argument

(text="Enter OTP:") specifies that this widget should display some

text. The third argument (bg='#F0F8FF') specifies that this

widget should have a light blue background color.

 otp_label.pack(): This line uses the pack method to

place the otp_label widget in the main window.

26
 otp_entry = tk.Entry(root): This line creates another Entry widget that

allows the user to enter some text and sets its properties. The

first argument (root) specifies that this widget should be placed

in the main window.

 otp_entry.pack(): This line uses the pack method to

place the otp_entry widget in the main window.

 verify_button = tk.Button(root, text="Verify OTP",font=("Serif", 10),

command=verify_otp): This line creates another Button widget that

displays some text and sets its properties. The first argument (root)

specifies that this widget should be placed in the main window.

The second argument (text="Verify OTP") specifies that this

widget should display some text. The third argument (font=("Serif",

10)) specifies that this widget should use a Serif font with a size of

10 points. The fourth argument (command=verify_otp) specifies

that this widget should call the verify_otp function when clicked.

 verify_button.pack(): This line uses the pack method to

place the verify_button widget in the main window.

 otp = generate_otp(): This line calls the generate_otp function to

generate an OTP and assigns the returned value to the variable

otp.

 print(f"Generated OTP: {otp}"): This line prints the generated

OTP to the console using an f-string. The f-string includes the

value of the variable otp.

27
 root.mainloop(): This line enters the Tkinter main loop. The main

loop is responsible for handling events such as button clicks and

updating the GUI. This line must be called last in a Tkinter

script.

28
 Implementation plan and methodology
1. Understand the requirements: Before starting the design it’s essential to understand the requirement of
the OTP verification system. This includes the purpose of the system, the userflow, and features of that the
system need to have. For example, in our case, we need to design a system that generates OTPs to
authenticate user’s phone numbers.

2. Choose a GUI library: As I mentioned earlier, there are several GUI libraries available forpython.
Choose one that meets your requirements and that you are comfortable with.
Consider factors like ease of use, documentation, community support, and compatibility withyour
development environment.

3. Plan the system architecture: Once you have a clear idea of the requirements and the GUIdesign, plan
the system architecture. This includes deciding on the programming language, libraries, and frameworks to
use. For our OTP verification system, we will be using python.

4. Write
the code: Now that you have a plan, start writing the code for your OTP verificationsystem.
Begin with the backend functionality, such as generating OTPs, sending SMS message and verifying
OTPs. Once the backend is ready move on to the GUI code and integrate it with backend functionality.

5. Testthe system: Test the system thoroughly to ensure that it works correctly and meets therequirements.
Test each component individually and the test the system as a whole. Use both positive and negative test
cases to ensure that the system handles all scenarios correctly.

6. Maintain the system: Regularly maintain the system to ensure that it remains up to dateand secure.
This includes updating libraries and frameworks, fixing bugs, and adding new features as required.

29
SCREENSHOTS / IMPLEMENTATION OF THE CODE –

Step 1 –

30
Step 2 –

31
Step 3 –

32
Step 4 –

33
Step 5 –

34
Step 6 –

35
Step 7 –

36
Step 8 –

37
4.1 Result and testing
The result of our semester project showcase the successful development and implementation
of OTP verification system based using python based on GUI. It verifies mobile number of
user by sending a unique OTP verification code during registration and login.

Future work
 Nowadays OTP verification is widely used in field of authentication. From a security
purpose, we expect to see the industry move in the direction of multimode biometrics
whichcombines identifiers like fingerprints, voice, face recognition, iris patterns to
produce high reliability biometrics matching. Combining biometric factors in this
manner can produce nearly flawless biometric matching that is hundred of times more
reliable than using a singlefactor.
 OTP verification can be combined with other authentication factors such as biometrics
(fingerprint, facial recognition), hardware tokens, or behavioral analysis for enhanced
security. Python can be used to integrate these additional authentication methods into
the OP verification system.
 As security threats evolve, there is a constant need to improve encryption techniques
to protect TPs during transmission and storage. Python can be used to implement
robust encryption algorithms and protocols.
 Future OT systems can leverage Python's asynchronous programming capabilities
to provide real-time OT delivery and synchronization across multiple devices.
 Python's extensive machine learning libraries, such as TensorFlow and scikit-learn, can be
utilized to build models that detect anomalous OT usage patterns. This can help identify
potential fraud or unauthorized access attempts. improving the overall security of the
system.
 Blockchain technology offers inherent security and transparency. Python can be used to
integrate OTP verification systems with blockchain networks, ensuring immutability
and traceability of OT transactions and enhancing the overall security and
trustworthiness of the system.
 With the increasing focus on data privacy and security regulations, future OT
verification systems may need to adapt to new requirements. Python can be used to
implement the necessary compliance measures and ensure adherence to these
regulations.

Remember, the future scope of OTP verification systems using Python is

not limited to these points, and new advancements and requirements
may arise as technology evolves. It is essential to stay updated with the
latest trends, security practices, and advancements in the field to design
and implement robust and secure OTP verification systems.

38
 Conclusion
OTP based secure authentication has been implemented and the result have been
incorporated in this paper. It is concluded that OTP as a stand - alone security system
provides a basic level of security. To enhance the level of security provided, OTP can be
multiplied with other security systems and biometric authentication. The backend database
can also be implemented using different languages like JavaScript for further enhancement of
security.

39