Main Content

Multifactor RFID and One Time Password Door Access Module

RFID access to doors is great, but what if the tag gets lost or stolen? It gives any possessor unvetted access.

I’ve used RFID tags for a long time but the inherent security of standard cards is the same across most systems and many tags can be duplicated with simple tools. Only the expensive commercial systems can’t be copied or employ their own multifactor system such as a pin and/or fingerprint in combination with the tag being read.

A step further is to use a Time Based One Time Password (TOTP) in combination with the relatively low security of the RFID to be able to gain access.

Most of you probably use multifactor authentication in some form in your lives already - For example when a bank sends you an SMS code to authorize a transaction or logging in to some websites. For example, Facebook can be configured to force you to enter a special code generated by your phone when logging in to your account from a new computer.

Inspiration for this project came from this Instructable published by Adimiller. Employing a simple one time password is pretty good security but their system has some disadvantages. I came up with my own version but taking it to the next level by adding some extra hardware to make it multi-factor with RFID and some backup features.

The core components of the system are:

- ESP32 Module
- DS3231 RTC
- TTP223 Capacitive touch keypad
- A 26 bit Wiegand RFID reader of your choice (125mhz or 13.56khz) and compatible tags
- Components for an output - i.e relay module or FET/transistor board (or use my PCB)
- 2 X WS2812b LEDs of your choice.
- 0.91” 128X32 OLED Display”

Link to article