Programming Challenge: Adaptive Multi-Factor Authentication (MFA) System (Jan 25, 2025)

Challenge:

Design and implement a basic adaptive MFA system that enhances security while minimizing friction for users. The system should prompt for MFA only when risk factors are detected (e.g., logging in from a new device, unusual location, or repeated failed login attempts).

Basic Requirements:

Implement user authentication with a username and password.
Implement MFA using a One-Time Password (OTP) (via email, SMS, or authenticator app).
Introduce risk-based authentication, triggering MFA only when certain conditions are met (e.g., new IP, failed login attempts).

Bonus Features for Enterprise-Level Security:

🔹 Device Fingerprinting: Store known devices and only require MFA on new ones.
🔹 Geolocation & IP Checks: Flag logins from unusual locations.
🔹 Behavioral Analysis: Detect anomalies in login behavior (e.g., too many login attempts, high-speed location changes).
🔹 OAuth/OpenID Integration: Implement MFA with OAuth2, OpenID Connect, or SAML.
🔹 Integration with an IAM System: Use services like AWS Cognito, Okta, or Microsoft Entra ID.
🔹 Adaptive MFA Bypass: Allow trusted users to log in with passwordless authentication if low risk is detected.

Example Implementation (Python + OTP; a plain script, no Flask routes)

import secrets
import time

# Sample user database with last login IP and last login timestamp
# (demo only: a real system stores a salted password hash, never the plaintext)
users = {
    "jessica": {"password": "secure123", "last_ip": "192.168.1.1", "last_login": time.time()}
}

def requires_mfa(username, current_ip):
    user = users.get(username)
    if not user:
        return False  # User not found

    # MFA triggers:
    if current_ip != user["last_ip"]:  # New IP detected
        return True
    if time.time() - user["last_login"] > 86400:  # 24-hour timeout
        return True
    return False

def generate_otp():
    # secrets, not random: the OTP must be unpredictable. Zero-pad so codes that
    # start with 0 are not excluded (random.randint(100000, 999999) would skip them)
    return f"{secrets.randbelow(10**6):06d}"

# Simulate login (password check omitted in this sketch)
username = "jessica"
current_ip = "203.0.113.42"  # Simulating a new IP
if requires_mfa(username, current_ip):
    otp = generate_otp()
    print(f"MFA Required! Your OTP is: {otp}")  # demo only: deliver out of band, never in the login response
else:
    print("Login successful, no MFA needed.")
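As an added, fuller example (not code from the original post), here is a stdlib-only Python sketch that covers the basic requirements and several of the bonus items in one place: salted PBKDF2 password storage, an RFC 6238 TOTP verifier with replay protection, device fingerprinting, new-IP and impossible-travel checks, and a failed-attempt counter that forces MFA. Everything policy-related is an assumption made for the example: the thresholds (3 failures in 15 minutes, 900 km/h travel speed, 24 hours since last login), the two-header fingerprint, the (lat, lon) pairs (treated as the output of some GeoIP lookup that is not implemented here), and the constructed scenario in demo().

```python
from __future__ import annotations
import hashlib, hmac, math, os, secrets, struct
from dataclasses import dataclass, field

# --- Password storage: salted PBKDF2-SHA256, constant-time comparison -------------
def hash_password(password: str, salt: bytes | None = None) -> tuple[bytes, bytes]:
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    return hmac.compare_digest(hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000), digest)

# --- TOTP (RFC 6238: HMAC-SHA1 over the 30 s step counter, 6 digits) --------------
def totp(secret: bytes, t: float, step: int = 30, digits: int = 6) -> str:
    counter = int(t // step)
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation, RFC 4226
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 10 ** digits:0{digits}d}"

def verify_totp(user: User, code: str, t: float, window: int = 1) -> bool:
    for skew in range(-window, window + 1):                   # tolerate +/- window steps of clock drift
        counter = int(t // 30) + skew
        if counter <= user.last_totp_counter:                 # replay protection: a step is consumed once
            continue
        if hmac.compare_digest(totp(user.totp_secret, counter * 30), code):
            user.last_totp_counter = counter
            return True
    return False

# --- Risk signals (thresholds are assumed policy values, not from the post) --------
@dataclass
class User:
    salt: bytes
    pw_hash: bytes
    totp_secret: bytes
    known_devices: set = field(default_factory=set)
    last_ip: str | None = None
    last_geo: tuple | None = None                             # (lat, lon) from an assumed GeoIP lookup
    last_login: float = 0.0
    failed_attempts: list = field(default_factory=list)       # timestamps of failed attempts
    last_totp_counter: int = -1

def device_fingerprint(user_agent: str, accept_language: str) -> str:  # toy: two headers only
    return hashlib.sha256(f"{user_agent}|{accept_language}".encode()).hexdigest()

def haversine_km(a: tuple, b: tuple) -> float:
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371 * math.asin(math.sqrt(h))

def risk_signals(user: User, ctx: dict, now: float) -> list[str]:
    signals = []
    if ctx["device"] not in user.known_devices:
        signals.append("new_device")
    if user.last_ip and ctx["ip"] != user.last_ip:
        signals.append("new_ip")
    if user.last_geo and ctx["geo"]:
        hours = max((now - user.last_login) / 3600, 1e-6)
        if haversine_km(user.last_geo, ctx["geo"]) / hours > 900:   # faster than an airliner
            signals.append("impossible_travel")
    if len([t for t in user.failed_attempts if now - t < 900]) >= 3:  # 3 failures in 15 min
        signals.append("repeated_failures")
    if now - user.last_login > 86400:                                 # 24 h since last login
        signals.append("stale_session")
    return signals

def login(users: dict, username: str, password: str, ctx: dict, now: float,
          otp: str | None = None) -> str:
    user = users.get(username)
    if user is None or not verify_password(password, user.salt, user.pw_hash):
        if user is not None:
            user.failed_attempts.append(now)
        return "denied"   # same answer for unknown user and wrong password (hash a dummy too, to equalise timing)
    signals = risk_signals(user, ctx, now)
    if signals:                                               # elevated risk: demand a second factor
        if otp is None:
            return "mfa_required:" + ",".join(signals)
        if not verify_totp(user, otp, now):
            user.failed_attempts.append(now)
            return "denied"
    user.known_devices.add(ctx["device"])                     # remember device/location for next time
    user.last_ip, user.last_geo, user.last_login = ctx["ip"], ctx["geo"], now
    user.failed_attempts.clear()
    return "ok"

def demo() -> list[str]:
    now = 1_700_000_000.0
    pw = "correct horse battery staple"
    users = {"jessica": User(*hash_password(pw), secrets.token_bytes(20))}   # constructed user
    home = {"ip": "192.168.1.1", "geo": (51.5, -0.12), "device": device_fingerprint("Firefox/128", "en-GB")}
    away = {**home, "ip": "203.0.113.42", "geo": (40.71, -74.01)}         # same device, New York
    code = totp(users["jessica"].totp_secret, now)
    return [login(users, "jessica", pw, home, now),           # unknown device: MFA demanded
            login(users, "jessica", pw, home, now, otp=code), # valid code: login + device enrolled
            login(users, "jessica", pw, home, now + 3600),    # known device, same IP: no MFA
            login(users, "jessica", pw, away, now + 4200)]    # new IP + impossible travel: MFA again
```

demo() walks the constructed scenario: the first login from an unknown device comes back as mfa_required (new_device, stale_session), supplying the TOTP code completes it and enrols the device, an hour later the same device logs in with no second factor, and a login from a New York IP ten minutes after that is flagged as new_ip plus impossible_travel. The replay check in verify_totp is what stops a phished or shoulder-surfed code from being reused inside the acceptance window; three wrong passwords in a row push the next correct one back through MFA rather than locking the account outright.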