Traditional password authentications are highly vulnerable to malicious attacks. On the other hand, two-factor authentications often require expensive technologies. We created an inexpensive two-factor authentication method that is both efficient and secured with publicly available APIs.

What it does

We created a website and Chrome extension that combines face and gestures recognitions for two-factor authentication of website logins. Through the webcam, the application compares user's face and identifies the correct user from the application's database. After the user's identity has been verified, the user then enter his or her password through the Myo Armband. If the user is authenticated, his or her login credentials will be filled automatically when visit certain websites.

How we built it

For our backend, we use AWS, Go, and NGINX to build the server that handles all the HTTP POST and GET requests. We use MySQL as the database to store users' face images. For the front-end, we use HTML, CSS, JavaScript, and jQuery.

Challenges we ran into

Our original idea involved using Emotiv and EEG to detect the excitement levels of the user's brain. Unfortunately, we received the wrong hardware and the Emotiv's connection USB was not compatible with the Emotiv. After changing our project into the current idea, we ran into several challenges, mainly when making requests from the client and server. For example, when capturing faces through webcam and sending the images through JavaScripts, we need to first blob the image and set up the correct boundaries. In addition, it was pretty challenging to build an efficient and scalable website server capable of handling all the requests.

Share this project: