We were inspired by wireless and Bluetooth-based systems for unlocking other devices, such as with cars and laptops. These devices help ensure the owner is nearby as an extra layer of security. We applied this principle to an ESP32 and combined it with a servo to securely log in to the system.

What it does

First, the ESP32 uses Bluetooth Low Energy to detect a specific phone's unique identifier. Once it does so, the ESP32 will check the position of a servo - if it is held at the correct position for two seconds, the user will be logged in. This prevents both brute-force style password attacks and device spoofing attempts.

How we built it

We used an ESP32 - a microcontroller inspired by the Arduino - and wired it to a servo. We also utilized the on-board Bluetooth module of the ESP32 to scan for a particular Android phone's Bluetooth identifier.

Challenges we ran into

We first tried scanning for the phone's Bluetooth MAC identifier, but we discovered that this value was randomized. Therefore, we utilized the device's unique name instead.

Accomplishments that we're proud of

We are proud that we were able to achieve the multi-factor authentication using an ESP32.

What we learned

We learned much more about Bluetooth Low Energy devices and scanning, as well as using an ESP32 to detect a Servo's position. One member had little prior experience with ESP32s, the Arduino IDE, and had never participated in a hackathon before, so he was given an enriching introduction to the intersection of coding and hardware.

What's next for Securely Logging in to an ESP32

We hope to create a more robust interface that the user is greeted with once logging in. We also will try to make the log in process more secure by adding steps to rotating the servo - similarly to that of a rotary combination lock.

Built With

Share this project: