Cyber Authentication GUI (Educational)

Repository: cyber-auth-repo
Purpose: Educational authentication GUI built with Tkinter and SQLite — intended for cybersecurity learning, demo, and testing only. Do NOT use this code as-is in production.

Files

• authgui.py — main Tkinter application (user registration, login, password change/reset).
• README.md — this file.
• requirements.txt — minimal requirements.
• LICENSE — MIT license.
• .gitignore — Git ignore rules.
• SECURITY.md — notes, risks and recommended fixes.
• INSTALL.md — installation & packaging notes.

Quick start (run locally)

1. Make sure you have Python 3.8+ installed.
2. (Optional) Create and activate a virtual environment:

   python -m venv venv
   source venv/bin/activate   # on Windows: venv\Scripts\activate

3. Install optional tooling (see requirements.txt):

   pip install -r requirements.txt

4. Run the GUI:

   python authgui.py

   A users.db SQLite file will be created alongside the script.

Security & usage (READ THIS)

This project is for learning and testing. The application demonstrates password hashing (PBKDF2-HMAC-SHA256) and local storage in SQLite, but it has limitations:

• Local SQLite: Database file users.db is stored on disk without filesystem encryption.
• No account email verification or password strength checks.
• No secure UI protections (e.g., password input is a basic dialog).
• No protection against physical access or OS-level compromise.
• No rate-limiting beyond in-db attempt counter; consider stronger throttling and lockout policies.

See SECURITY.md for a list of improvements and recommended fixes before any real deployment.

License

MIT. See LICENSE file.

---

If you'd like, I can:

• Create a GitHub-ready README with screenshots and badges.
• Add unit tests and a CI config (GitHub Actions).
• Package into a single-file executable with pyinstaller.