Otentikasi Dua Faktor Menggunakan Totp dengan SHA-512 untuk Sistem Pemilihan Presiden Mahasiswa
Abstract
This study originated from the need for a secure election system in academic environments, particularly to address credential theft and cyberattack threats in the security of the Student Presidential election system. Ensuring security in student election systems presents a significant challenge, as conventional authentication methods are prone to voter identity authenticity manipulation. Therefore, this research proposes a two-factor authentication model using Time-Based One-Time Password (TOTP) based on the SHA-512 algorithm. This model provides an additional layer of security through time-based authentication and a stronger hash mechanism against attacks. Testing was conducted involving several user accounts from Gmail applications, where OTP codes were successfully sent to the users' email accounts. The results indicated that TOTP delivery and validation times ranged between 150 and 300 ms, with user satisfaction levels exceeding 80%. The implications of this study include enhanced security in the student presidential election system within academic environments and the potential for broader adoption in other fields requiring user authentication
References
D. Arisandi, S. Sukri, and M. B. Yusuf, “PEMERIKSAAN INTEGRITAS DOKUMEN DENGAN DIGITAL SIGNATURE ALGORITHM,” JOISIE J. Inf. Syst. Informatics Eng., vol. 4, no. 1, pp. 1–6, 2020, doi: 10.55601/jsm.v16i1.180.
F. Basya, M. Hardjanto, and I. Permana Putra, “SHA512 and MD5 Algorithm Vulnerability Testing Using Common Vulnerability Scoring System (CVSS),” Buana Inf. Technol. Comput. Sci. (BIT CS), vol. 3, no. 1, pp. 1–4, 2022, doi: 10.36805/bit-cs.v3i1.2046.
M. U. Noor, “Tanda tangan digital: otoritas pada arsip elektronik,” JIPI (Jurnal Ilmu Perpust. dan Informasi), vol. 6, no. 1, pp. 17–26, 2021.
M. M. Purba, “Perancangan E-Voting Untuk Pemilihan Bem Berbasis Web,” J. Sist. Inf. Univ. Suryadarma, vol. 5, no. 2, pp. 160–170, 2014, doi: 10.35968/jsi.v5i2.245.
L. Qadriah, S. Achmady, and Husaini, “Sistem Pengamanan Dokumen dengan Algoritma Time-Based One Time Password (TOTP) pada Two-Factor Authentation (2FA),” J. Sains dan Inform., vol. 9, no. November 2022, pp. 29–35, 2023, doi: 10.34128/jsi.v9i1.519.
A. Setiawan and A. I. Purnamasari, “Implementasi JSON Web Token Berbasis Algoritma SHA-512 untuk,” J. RESTI (Rekayasa Sist. dan Teknol. Informasi), vol. 1, no. 10, pp. 4–10, 2021.
L. G. R. Semesta and S. Amini, “Implementasi One Time Password Dengan Algoritma Secure Hash Algorithm 512 (SHA-512),” Skanika, vol. 1, no. 3, pp. 1206–1211, 2018.
A. Y. Fitriyansyah and M. Hazri, “Analisis Security Web Login Mahasiswa Menggunakan Algoritma Two-Factor Time-Based One Time Password,” Sainstech J. Penelit. dan Pengkaj. Sains dan Teknol., vol. 30, no. 1, pp. 1–14, 2020, doi: 10.37277/stch.v30i1.725.
M. A. M. Hayat, Abbas Reski, and Bakti Rizki Yusliana, “Desain Dan Implementasi Time Based One Time Password,” Muhyiddin, vol. 4, no. 1, pp. 16–23, 2022.
N. Sarah Hapsari, Y. Fatman, and E. Penulis Korespondensi, “Implementasi Metode One Time Password pada Sistem Pemesanan Online,” J. Media Inform. Budidarma, vol. 4, no. 4, pp. 930–939, 2020, doi: 10.30865/mib.v4i4.2195.
A. N. Sari and T. G. Abdillah, “Metode Absensi Mahasiswa berbasis QR Code dan Time-Based One-Time Password,” J. Inform. Polinema, vol. 7, no. 2, pp. 29–34, 2021, doi: 10.33795/jip.v7i2.492.
D. Tirfe and V. K. Anand, “A Survey on Trends of Two-Factor Authentication BT - Contemporary Issues in Communication, Cloud and Big Data Analytics,” in Contemporary Issues in Communication, Cloud and Big Data Analytics, H. K. D. Sarma, V. E. Balas, B. Bhuyan, and N. Dutta, Eds., Singapore: Springer Singapore, 2022, pp. 285–296.
G. Ali, M. A. Dida, and A. E. Sam, “Two-factor authentication scheme for mobile money: A review of threat models and countermeasures,” Futur. Internet, vol. 12, no. 10, pp. 1–27, 2020, doi: 10.3390/fi12100160.
M. A. Al Hilmi, A. Sumarudin, and W. P. Putra, “One-Time-Password (Otp) Dengan Modifikasi Vigenere Chiper Dan Perangkat Usb Berbasis Microcontroller, Sensor Fingerprint, Dan Real Time Clock (Rtc) Untuk Autentikasi Pengguna Pada Akses Aplikasi Web,” Cyber Secur. dan Forensik Digit., vol. 3, no. 2, pp. 6–11, 2020, doi: 10.14421/csecurity.2020.3.2.2082.
N. W. K. Syah, M. I. Sani, and S. J. I. Ismail, “Alat Bantu E-voting Dengan Sensor Sidik Jari,” in eProceedings of Applied Science, 2021, pp. 2726–2744.
P. J. F. Bemida, A. M. Sison, and R. P. Medina, “Modified SHA-512 Algorithm for Secured Password Hashing,” in 2021 Innovations in Power and Advanced Computing Technologies (i-PACT), IEEE, 2021, pp. 1–9.
T. Velmurugan and S. Karthiga, “Security based Approach of SHA 384 and SHA 512 Algorithms in Cloud Environment,” J. Comput. Sci., vol. 16, no. 10, pp. 1439–1450, 2020, doi: 10.3844/jcssp.2020.1439.1450.
L. Adelson et al., “Smart Login Pada Website Dengan Menggunakan Qr Code Dan Otentikasi One Time Password,” in SNASTIKOM 2020, 2020, pp. 425–430. [Online]. Available: www.snastikom.com
C. Ozkan and K. Bicakci, “Security Analysis of Mobile Authenticator Applications,” 2020 Int. Conf. Inf. Secur. Cryptology, ISCTURKEY 2020 - Proc., pp. 18–30, 2020, doi: 10.1109/ISCTURKEY51113.2020.9308020.
I. Gordin, A. Graur, and A. Potorac, “Two-factor authentication framework for private cloud,” in 2019 23rd International Conference on System Theory, Control and Computing, ICSTCC 2019 - Proceedings, IEEE, 2019, pp. 255–259. doi: 10.1109/ICSTCC.2019.8885460.
I. T. Plata and J. L. Calpito, “Application Of Time-Based One Time Password ( TOTP ) Algorithm For Human Resource E-Leave Tracking Web App,” Int. J. Sci. Technol. Res., vol. 9, no. 03, pp. 4070–4077, 2020.
Copyright (c) 2025 Diki Arisandi, Seri Hartati, Givo Vrabora

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Authors retain copyright and grant the EXPLORER right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (CC BY-SA 4.0) that allows others to share (copy and redistribute the material in any medium or format) and adapt (remix, transform, and build upon the material) the work for any purpose, even commercially with an acknowledgement of the work's authorship and initial publication in EXPLORER.
Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in EXPLORER.
Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).