DEV Community

Cover image for 2 Factor Authentication Using an External Drive
Atharv Attri
Atharv Attri

Posted on

2 Factor Authentication Using an External Drive

We live in a world where nothing is secure. You want to keep yourself and your data safe. To help assist with this, I made Physical2FA.

Physical2FA allows 2 Factor Authentication through an external drive.

What do you want to do?

No matter the reason, you're here reading this because you want to encrypt your files, and then make sure that no one else can see them. You could just make a file on your computer, but the key will also be on there so it won't be secure. To solve that problem, I've created a Python module called Physical2FA.

How it works

So the way that I've made Physica2FA is that you have a python program that encrypts and decrypts your files, and the key to encrypt/decrypt is only stored on a separate, secure, external drive.
Physical2FA uses a Fernet encryption, if you want to know more about a Fernet encryption you should check out If you're struggling picking a Crypto suite … Fernet may be the answer by Prof Bill Buchanan OBE, he explains it really well.

I'll guide you through setting up Physical2FA and using it. But before we start, It's a good time to say that you should not use Physical2FA on important files. The chances are slim, but there is still a chance that your files may not get encrypted, or you may not be able to decrypt it. Especially for the first time, you should create a testing directory.
I'm remaking the directory that was shown in the README.md file on Physical2FA's Github Page. Here is the image:
Encryption_explanation

I'm just going to make up to the files in subdir 2.2.1.1. I will not make subdir 2.2.1.1.1 since there is no use in making it. For where it says files, I just created a .txt file that says "Hello World, This is a secret!" in it.
Before we start, find an external drive, be it a USB or SD card. Then you want to change the drive letter, if it already isn't, to "D". You can find out how here. This is very important!

Once you have that done, install Physical2FA and Cryptography using

 
pip install Physical2FA
pip install cryptography

Writing The Key

Writing a key is very simple. You just need to write the following code in a file called lock.py:

from Physcial2FA import write_key

write_key
Enter fullscreen mode Exit fullscreen mode

Once you have a key written, You should forget that the write_key function even exists. Write_key has functionality to write to a different filename, but the encrypt and decrypt function can only read key.key. So if you make another key, you should make sure that everything is decrypted. Bottom-line: DON'T USE WRITE_KEY MORE THAN ONCE UNLESS EVERYTHING IS DECRYPTED!

Encryption

When I made Physical2FA, I didn't want people to spend a lot of time encrypting and decrypting. Would you really spend 5 minutes to keep your files secure? No, that's a waste, so I designed Physical2FA so that everything can be encrypted and decrypted in under a minute, and 2 lines of code.
To encrypt put the following code in lock.py:

from Physical2FA import encrypt

encrypt
Enter fullscreen mode Exit fullscreen mode

Easy as that! Before running your code, make sure that the file is in the directory that you want to encrypt. It will encrypt up to 5 subdirectories. If you want to know what that seems like, check the directory structure that was shown earlier. Anything in green will be encrypted.

Decrypt

Decrypting is almost the same as encrypting. You just need to change out the encrypt with decrypt:

from Physical2FA import decrypt

decrypt
Enter fullscreen mode Exit fullscreen mode

This is the one time that if your file is not named lock.py, you will lose your files. You can try to recover it using the fail-safe in the GitHub repo, but try to avoid that from happening. Another thing to mention is that see how I'm not importing encrypt and decrypt at the same time? That's because they both look for different things, and if you import them both, it will cause errors and prevent the files from encrypting/decrypting.

A word of Advice and Closing

I highly recommend that you go and read the README.md at (https://github.com/Atharv-Attri/Physical2FA). It goes over a lot more on the safety side and what you can do to prevent data loss.

To be clear, I'm not responsible for any situation that may arise from using Physical2FA. Even if you follow all the directions, you may still lose your files. Use your own judgment on what files you should encrypt. By using Physical2FA, you release me and anyone else associated with the program from any and all liabilities.

That's all! Hope you keep your files secure!

Top comments (0)