Keamanan Sistem Login Menggunakan Multifactor Authentication dan Algoritma Hashing
Abstract
Login system security is a crucial aspect in digital application development to protect user personal data. This research aims to implement a modern hashing algorithm, Argon2, and add a security layer through Multi-Factor Authentication (MFA) using One-Time Password (OTP) codes. The Argon2 algorithm was chosen because it is memory-hard, configurable, and more resistant to brute-force attacks and rainbow table attacks. The system development method used is the Waterfall method, where the system is developed using the Kotlin programming language with the Jetpack Compose architecture, and the Firebase Authentication and Firestore databases. An OTP is sent to the user after successful registration as additional verification. Implementation results show that the time cost parameter in Argon2id significantly affects hashing execution time, with higher values improving security while remaining within performance tolerances. The combination of Argon2 and MFA successfully provides a more secure login system and is more resilient to cyberattacks than traditional authentication methods. Test results indicate that the Time Cost parameter in Argon2id significantly impacts hashing time. With the following configurations: Time Cost = 1 → 2.028 ms, Time Cost = 2 → 48.623 ms, and Time Cost = 3 → 71.219 ms. Higher parameter values increase execution time but also increase resistance to brute-force attacks. The combination of the Argon2 algorithm and MFA methods results in a more secure and reliable login system than traditional authentication, while remaining responsive in application performance.
Downloads
References
[2] A. Fitriani, Sfenrianto, G. Wang, and A. Susanto, “Examining the security issues of automated teller machine based on revised technical acceptance model,” Telkomnika (Telecommunication Comput. Electron. Control., vol. 14, no. 4, pp. 1521–1526, 2016, doi: 10.12928/TELKOMNIKA.v14i4.2920..
[3] B. O. ALSaleem and A. I. Alshoshan, “Multi-Factor Authentication to Systems Login,” Natl. Comput. Coll. Conf.,2021,[Online].Available: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=9428806&isnumber=9428786.
[4] D. D. and D. K. A. Biryukov, “Argon2: New Generation of Memory-Hard Functions for Password Hashing and Other Applications,” IEEE Eur. Symp. Secur. Priv., pp. 292–302, 2016, doi: 10.1109/EuroSP.2016.31.
[5] J. Informatika, F. Teknik, U. P. Semarang, G. P. Lantai, K. Jl, and S. Timur, “IMPLEMENTASI MULTI-FACTOR AUTHENTICATION ( MFA ) DENGAN METODE HASHING ( SHA-256 ) UNTUK MENINGKATKAN KEAMANAN PENGGUNA E-COMMERCE Tahap terakhir adalah Implementasi , di mana sistem MFA dikembangkan menggunakan dengan implementasi algoritma SHA-256 , sem,” vol. 9, no. Sens 9, pp. 624–630, 2024.
[6] Suendri, “Hashing Argon2 Untuk Keamanan Password Pada Sistem Berbasis Web,” J. Islam. Sci. Technol., vol. 4, no. 1, pp. 46–56, 2019.
[7] Lucas Lee, Hash Power: Cryptographic Hash Functions and Their Applications. Norwegia: Publifye AS, 2025.
[8] R. Renaldy and J. Informatika, “PENERAPAN MULTI-FACTOR AUTHENTICATION MENGGUNAKAN,” vol. 9, no. Sens 9, pp. 638–650, 2024.
[9] S. Eum, H. Kim, M. Song, and H. Seo, “Optimized Implementation of Argon2 Utilizing the Graphics Processing Unit,” Appl. Sci., vol. 13, no. 16, 2023, doi: 10.3390/app13169295.
[10] P. A. Johnston, “Login System,” Manchester, 2005.
[11] D. Marisa Khairina, “Analisis Keamanan Sistem Login,” J. Inform. Mulawarman, vol. Vol. 6 No., no. 2, pp. 64–67, 2011.
[12] R. Sofana, Iwan & Primarthe, Network Security Dan Cyber Security. Bandung: Informatika, 2019.
[13] A. W. Samsico, “Desain Algoritma Randomisasi pada persoalan Hashing: Studi Kasus SPOJ 40643 AHASHREV - The Revenge Of Anti Hash,” 2024.
[14] I. Malviya and T. Chetty, “International Journal on Recent and Innovation Trends in Computing and Communication: Performance and Limitation Review of Secure Hash Function Algorithm,” Int. J. Recent Innov. Trends Comput. Commun., vol. 7, no. 6, pp. 48–51, 2019, [Online]. Available: http://www.ijritcc.org.
[15] K. Phan, “Implementing Resiliency of Adaptive Multi-Factor Authentication Systems,” vol. 65, pp. 1–96, 2018,[Online].Available:https://repository.stcloudstate.edu/msia_etdshttps://repository.stcloudstate.edu/msia_etds/65.
[16] T. Suleski, M. Ahmed, W. Yang, and E. Wang, “A review of multi-factor authentication in the Internet of Healthcare Things,” Digit. Heal., vol. 9, 2023, doi: 10.1177/20552076231177144.
[17] M. Fanti, Implementing Multifactor Authentication: Protect Your Applications from Cyberattacks with the Help of MFA. Packt Publishing, 2023. [Online]. Available: https://www.google.co.id/books/edition/Implementing_Multifactor_Authentication/r-zDEAAAQBAJ?hl=id&gbpv=1.
[18] I. Yurita, M. Kevin Ramadhan, M. Candra, and U. Muhammadiyah Kotabumi, “Pengaruh Kemajuan Teknologi Terhadap Perkembangan Tindak Pidana Cybercrime,” J. Huk. Leg., pp. 144–155, 2023, [Online]. Available: https://jurnal.umko.ac.id/index.php/legalita/article/view/995.
[19] K. Mubarok and M. A. Romli, “Implementation of Rule Based Method in Detecting Brute Force Attacks on Owncloud Implementasi Metode Rule Based dalam Mendeteksi Serangan Brute Force pada Owncloud,” vol. 5, no. January, pp. 159–167, 2025.
[20] M. C. Sinaga, Kriptografi Python. Tarutung, 2017. [Online]. Available: https://books.google.co.id/books?id=HCroDwAAQBAJ&printsec=frontcover&hl=id&source=gbs_ge_summary_r&cad=0#v=onepage&q&f=false.
[21] Y. Mulyanto and A. Algi Fari, “ANALISIS KEAMANAN LOGIN ROUTER MIKROTIK DARI SERANGAN BRUTEFORCE MENGGUNAKAN METODE PENETRATION TESTING (Studi Kasus: SMK NEGERI 2 SUMBAWA),” J. Inform. Teknol. dan Sains, vol. 4, no. 3, pp. 145–155, 2022, doi: 10.51401/jinteks.v4i3.1897.
[22] A. R. Naufal, D. A. Nawangnugraeni, and A. T. Suseno, “Rancang Bangun Sistem Informasi Point of Sale Multi Outlet Dengan Menggunakan Framework Laravel Di Koperasi Itsnu Pekalongan,” J. Tek. Inf. dan Komput., vol. 5, no. 2, p. 280, 2022, doi: 10.37600/tekinkom.v5i2.591.
[23] R. Permana, A. Abdilah, Fuad Nur Hasan, and Mahmud Syarif, “Estimation Effort Pengembangan Software Inventory PT. Infinity Global Mandiri Menggunakan Metode Use Case Point,” J. RESTIKOM Ris. Tek. Inform. dan Komput., vol. 5, no. 2, pp. 73–84, 2023, doi: 10.52005/restikom.v5i2.144.
[24] M. Shalahuddin and R. A. Sukamto, “Rekayasa Perangkat Lunak Terstruktur dan Berorientasi Objek Edisi Revisi,” pp. 25–41, 2018.
[25] “Mengenal Android Studio,” Developers.Android. [Online]. Available: https://developer.android.com/studio/intro?hl=id.
[26] Fauzan M, Rinandi A, and Maulid H, “Jago Menabung Aplikasi Untuk Mengelola Uang Saku Bebasis Mobile,” e-Proceeding Appl. Sci., vol. 10, no. 1, pp. 419–425, 2024, [Online]. Available: https://openlibrarypublications.telkomuniversity.ac.id/index.php/appliedscience/article/view/22496/21647.
[27] R. Risqi and A. Herlambang, “Penggunaan Firebase Analytics pada Pengembangan Aplikasi Mobile I ’ m UII dengan Framework Flutter,” Automata, vol. 4, 2023, [Online]. Available: https://jurnal.uii.ac.id/AUTOMATA/article/view/28841.
[28] N. Telaumbanua, M. Yusuf, and A. Saifudin, “Implementasi Aplikasi Stock Opname Dengan Metode Waterfal,” Jubitek J. BIG DATA DAN Teknol. Inf., vol. 1, pp. 61–83, 2023.
[29] Y. F. and C. Taurusta, Buku ajar rekayasa perangkat lunak terstruktur dan berorientasi objek. Umsida Press, 2021. doi: https://doi.org/10.21070/2018/978-602-5914-09-6.
[30] W. Setiyaningsih, KONSEP SISTEM PENDUKUNG KEPUTUSAN, vol. 1. 2015.
This work is licensed under a Creative Commons Attribution 4.0 International License.
.png)
.png)
