

Post on 29-May-2020


Implementation and System Design
• Database: PostgreSQL
• Web API: Django Rest Framework with Python
• Desktop frontend: NodeJS, AngularJS, HTML, Bootstrap, SASS
• Mobile frontend: NodeJS, Ionic, AngularJS
• OS: Ubuntu Linux
• The system uses the MVC pattern with a client–server architecture
• Version control: Gogs.io

Senior Project Spring 2018

BreazeHome 4.0 Account Security and Recovery

Student: Ronny Alfonso, Florida International University

Mentor: Yuzhou (Aaron) Feng, Florida International University

Professor: Masoud Sadjadi, Florida International University

Problem
• Need the registration process to include the security question and the answer
• User cannot reset his/her password
• Need these functionalities available in the desktop and mobile application
• Database populated with unrecoverable accounts

Acknowledgement

School of Computing & Information Sciences

FOLLOW US @FIUSCIS

Current System
• Web-based real-estate application
• Provides property information and services for home buyers, sellers, renters and realtors
• Designed to be simple and to have an intuitive user interface

Requirements
• The security question and the answer must be optional in the registration form
• User’s account security must not be compromised
• Keep the user informed throughout the whole process
• The answer to the security question must be hashed before being saved
• User must be able to reset the password in both versions

Reset The Password Sequence Diagram

Screenshots

Verification & Summary
● User is allowed to enter the security question in the registration process
● User can reset password using a desktop computer and a mobile device
● Frontend Mobile verification done by testing pages with Ionic Lab
● Frontend Desktop testing performed using Browser Automation Tool Selenium
● The implementation has three security layers to prioritize the integrity of the user private information

Solution
• User-friendly, easy-to-use desktop and mobile versions
• The user can reset his/her password in either version
• The implementation has three security layers

The material presented in this poster is based upon the work supported by: Aaron Feng, Hao Ren, Leila Sahedi.

I am thankful for the help that I received from my group members: Alex Dubuisson, Alexander Mohamed, Andreina Rojas, Andrew Christancho, Brandon Cajigas, Davi Guerra, Eithel Sierra, Elio Rosabal, Fernando Serrano, Jorge Cura, Lester Hernandez, Lyda Caballero and Richard Roda

1. First step to reset the password
2. Screen to enter the token
3. Screen showing the security question and the answer field
4. Final screen to change the password

Reset the password desktop version

Reset the password mobile version

1. First step to reset the password
2. Enter the token
3. Security question and the answer
4. Final screen to change the password
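
The four reset steps captioned above (request, token, security question, new password), together with the requirement that the answer be hashed before being saved, can be sketched with the Python standard library. This is an added example, not BreazeHome's code: `ResetFlow`, `hash_answer`, `check_answer`, the 15-minute token lifetime, the choice of PBKDF2 and the rule that any wrong step ends the attempt are all assumptions.

```python
import hashlib, hmac, secrets, time, unicodedata

TOKEN_TTL = 15 * 60  # seconds; assumed lifetime, the poster states none

def _norm(answer):
    # Fold case and whitespace so "  MIAMI " matches "miami"
    return " ".join(unicodedata.normalize("NFKC", answer).casefold().split())

def _kdf(text, salt):
    return hashlib.pbkdf2_hmac("sha256", text.encode(), salt, 200_000)

def hash_answer(answer):
    salt = secrets.token_bytes(16)
    return salt, _kdf(_norm(answer), salt)  # store this pair, never the answer

def check_answer(answer, stored):
    salt, digest = stored
    return hmac.compare_digest(_kdf(_norm(answer), salt), digest)

class ResetFlow:  # one reset attempt; any wrong step ends it (assumed policy)
    def __init__(self, account, now=time.time):
        self.account, self.now, self.stage = account, now, "start"

    def issue_token(self):
        token = secrets.token_urlsafe(32)
        self.token_hash = hashlib.sha256(token.encode()).digest()
        self.expires, self.stage = self.now() + TOKEN_TTL, "token_sent"
        return token  # sent to the user out of band; only its hash is kept

    def submit_token(self, token):
        sent = hashlib.sha256(token.encode()).digest()
        ok = (self.stage == "token_sent" and self.now() < self.expires
              and hmac.compare_digest(sent, self.token_hash))
        self.stage = "token_ok" if ok else "failed"
        return ok

    def submit_answer(self, answer):
        stored = self.account.get("answer")  # None if never registered
        ok = (self.stage == "token_ok" and stored is not None
              and check_answer(answer, stored))
        self.stage = "answer_ok" if ok else "failed"
        return ok

    def set_password(self, new_password):
        if self.stage != "answer_ok":
            return False
        salt = secrets.token_bytes(16)
        self.account["password"] = (salt, _kdf(new_password, salt))
        self.stage = "done"
        return True
```

Because the security question is optional at registration, an account without a stored answer fails at `submit_answer` in this sketch; the poster does not say how such accounts are handled.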