A secure authentication system based on the Zero Trust Architecture (ZTA) model. This project integrates Multi-Factor Authentication (MFA) using password, One-Time Password (OTP), and biometric face recognition with anti-spoofing detection to ensure robust user verification.
- Zero Trust Architecture (ZTA) principles
- Password Authentication with hashed storage
- Email-based OTP Verification
- Face Recognition with real-time anti-spoofing
-
Clone the repo
git clone https://github.com/duythucvnu/zero-trust-mfa.git cd zero-trust-mfa -
Install dependencies
pip install -r requirements.txt
-
Run the app
streamlit run app.py
- Users are authenticated by matching their real-time face from webcam with the stored profile image.
- Anti-spoofing ensures the face is live and not a photo, video, or mask using a YOLO-based model.
- Verify Explicitly: MFA with email OTP and facial biometrics
- Least Privilege Access: Only valid users access system resources
- Assume Breach: All access is re-verified; spoof attempts are blocked
Click the thumbnail to see the demo of our project.
This project is licensed under the MIT License.