Objective

To secure the ticket booking process by integrating Two-Factor Authentication (2FA) during user login or payment steps, preventing unauthorized access and fraud in ticket reservations for events, travel, or entertainment.

What You’ll Get

• Secure login with 2FA (OTP via Email/SMS or Authenticator App)

• Safe ticket booking process with verified user identity

• Option to re-authenticate before payment or high-value bookings

• Admin control over enabling/disabling 2FA

• Logs of authentication attempts

Working Flow

1. User Registers/Login to the portal with email & password

2. System prompts for second factor – OTP (email/SMS) or TOTP (e.g., Google Authenticator)

3. After successful 2FA, user accesses booking dashboard

4. Selects ticket type (event/travel/movie) and books ticket

5. For sensitive actions (booking expensive VIP passes, cancellations), 2FA is re-triggered

6. Tickets are confirmed and sent via email/SMS

Key Features

Technology Stack

Security Features

• Encrypted password storage (BCrypt/Argon2)

• OTP expires in 5 minutes with retry limits

• IP and device logging on login

• Lock account after multiple failed attempts

• TOTP-based codes using SHA-1 and time window sync

Additional Modules (Optional)

• Booking history and ticket QR generation

• Notifications for login from new device

• CAPTCHA for login brute force prevention

• Admin panel to view suspicious activity

Why Choose This Project?

• Ideal for enhancing cybersecurity awareness in web systems

• Implements real-world 2FA flows used in banks and ticketing platforms

• Can be extended into multi-role platforms (user, admin, manager)