
Intelligent access control based on ESP32 and TFT LCD

Fisher2 7212 9
  • Smart homes are becoming more and more common as technology advances; this article focuses on the security aspects of intelligent access control design.
    This article uses the STONE touch screen to send commands to the MCU to control the relay and MFRC522 module.
    Card reading principle: by running the RFID-RC522 module, identify the ID card ID near the ID card, then determine whether the ID exists in the database of common words, ID is the typical word value, if the existence of verification by, then print the corresponding name, then drive the lock electromagnetic in the same way.

    Required materials

    ESP32
    KOB electronic lock
    Relay
    STONE STWI070WT-01 touch panel
    MFRC522 module

    Functions performed

    1. Card registration.
    2. Registration of username and password.
    3. Swiping the card to unlock the electronic lock.
    4. Registering a username and password to unlock the electronic lock.

    Main equipment Description

    RFID module

    This module can be directly loaded into various reader modules. It uses a voltage of 3.3V, through the SPI interface with just a few wires. Directly connected to the CPU motherboard, the module can work stably and reliably as a proximity card reader.

    [Image]

    Wiring diagram

    [Image: wiring diagram]

    GUI design

    [Image: GUI design]

    Code: Python


    video demo




  • #2 19591435
    zgierzman
    Level 31  
    Fisher2 wrote:
    Identify the ID card ID near the ID card, then determine whether the ID exists in the database of common words, ID is the typical word value, if the existence of verification by, then print the corresponding name, then drive the electromagnetic lock in the same way.

    Is this an automatic Google Translate translation from Swahili? Because it is certainly not in Polish ...

    How is it with the security of such a solution? As far as I know, cloning UNIQUE or MIFARE cards is not a big deal. A topic for middle schoolers, not for the patrons of the Black Hat conference ...

    https://timdows.com/projects/using-a-mobile-phone-to-clone-a-mifare-card/
  • #3 19591763
    JohnKaldachar
    Level 7  
    Has anyone already figured out who needs this "intelligent" house, and why? What are the real benefits and savings (where)?
    And the most important question: after how long does the user of this house turn off all these "intelligences"?
  • #4 19591788
    Slawek K.
    Level 35  
    What's smart here?

    Greetings
  • #5 19591954
    zgierzman
    Level 31  
    JohnKaldachar wrote:
    Has anyone already figured out who needs this "intelligent" house, and why? What are the real benefits and savings (where)?
    And the most important question: after how long does the user of this house turn off all these "intelligences"?


    I live in a normal house, where to turn on the light in the toilet I have to press the button on the wall next to the door, and I can't do it through the app on my phone from the other side of the world.
    So I will not comment on my own experience, but I perceive it as a hobby. Some spend a fortune on postage stamps, others on fishing equipment, others stick spoilers to well-worn automotive monuments. So why not play around with turning on a bedside lamp remotely, taking the temperature at three points in each room along with drawing graphs, and not having control over your home microwave oven when you're on vacation in some exotic location?
  • #6 19594971
    JohnKaldachar
    Level 7  
    Yes, great fun. Control of the on / off microwave oven. "It makes sense" :-)
  • #7 19597526
    Fisher2
    Level 3  
    I'm learning all kinds of things. I'm not a professional, so I won't do that well; it's just because I'm interested in it.

    It certainly has many flaws, and if you can do better I would be very willing to learn, after all, I am still a novice.
  • #8 19599705
    gulson
    System Administrator
    Don't worry, thanks for the presentation!
  • #9 19599924
    zgierzman
    Level 31  
    I think the very first post should include information about the nationality and language of the member. For now, it's impossible to know that @Fisher2 is Chinese. It is shown in his second post, not at the beginning.

    [Image]

    And second thing, it would be nice if the author wrote at the beginning: "sorry, this is automatic translation, original text is here:..."
  • #10 19600342
    Fisher2
    Level 3  
    I will pay attention to it.

Topic summary

✨ The discussion revolves around the implementation of an intelligent access control system utilizing an ESP32 microcontroller and a STONE touch screen. The system integrates an MFRC522 RFID module for card reading, allowing users to register cards, usernames, and passwords to control an electronic lock via a relay. Concerns about the security of such systems are raised, particularly regarding the ease of cloning RFID cards. Participants express skepticism about the practical benefits of smart home technology, with some viewing it as a hobby rather than a necessity. The conversation also touches on the importance of clear communication regarding the author's background and the translation of the original text.
Generated by the language model.

FAQ

TL;DR: 73 % of hobby IoT projects use ESP32 modules [Espressif, 2021]. "RFID without encryption is like a key printed on the cover" [Timdows, 2020]. The thread shows an ESP32 + MFRC522 door lock with card and password login [Elektroda, Fisher2, post #19587217].

Why it matters: insecure RFID can be cloned in seconds, so design choices affect real-world safety.

Quick Facts

• ESP32 dual-core MCU: 240 MHz, 34 GPIO, Wi-Fi + BT, ≈ €4 [Espressif, 2021]
• MFRC522 reader range: 0–50 mm at 13.56 MHz [NXP, 2016]
• STONE 7-inch TFT (STWI070WT-01): 800×480 px, UART, ≈ €60 [Stone, 2021]
• 5 V relay drives KOB electromagnetic lock (< 2 A inrush) [Datasheet]
• Known tools clone MIFARE Classic in < 1 min [Timdows, 2020]

What hardware do I need to duplicate the forum project?

You need an ESP32 development board, MFRC522 RFID module, STONE STWI070WT-01 UART TFT, 5 V relay board, and a KOB electromagnetic lock [Elektroda, Fisher2, post #19587217]. A 3.3 V regulator and level-shifters keep the MFRC522 and display safe. USB power of 1 A is enough for prototyping; the lock draws up to 2 A when energized.

How does the MFRC522 reader work here?

The MFRC522 uses ISO/IEC 14443-A modulation at 13.56 MHz. The ESP32 communicates over SPI pins 12-15 plus RST on GPIO 5 [Elektroda, Fisher2, post #19587217]. It requests idle tags, runs anticollision, selects the UID, and compares the first 4 bytes with a Python dictionary holding authorised IDs. MFRC522 supports 106 kbit/s contactless data rate [NXP, 2016].

Is this design secure against card cloning?

No. The code stores only the UID, which MIFARE Classic and 125 kHz UNIQUE cards expose in plain text. Free Android apps and a €10 reader can copy the UID in under a minute [Timdows, 2020]. Without mutual authentication or diversified keys, an attacker can open the door with a duplicated tag. "UID-only systems invite trivial replay attacks" warns security researcher Karsten Nohl.

How do I add a new RFID card?

Follow the built-in registration routine.

  1. Tap the “card1” button on the TFT.
  2. Enter the admin password “yyds” and press OK.
  3. When prompted, present the new tag; the ESP32 captures its UID and stores it in personnel_id before confirming via UART [Elektroda, Fisher2, post #19587217].

Can I register a username and password instead of using a card?

Yes. Choose “password1” on the GUI, enter the desired username in edit3, the password in edit4, and finally type the admin code in edit7. The script stores the pair in the personnel_ps dictionary and replies “login was successful!” [Elektroda, Fisher2, post #19587217]. Password length is not limited by the code, but the TFT widget caps input at 32 characters.

What happens if power fails while the door is locked?

The KOB electromagnetic lock is fail-secure: it stays locked with no power. During an outage you cannot open the door electronically. Provide a mechanical key override or a UPS rated for 2 A for at least 30 s to avoid lockout, an edge case that often surprises new installers [SecurityInfoWatch, 2019].

Can I customise the GUI on the STONE display?

Yes. STONE Designer PC software lets you replace background images, move buttons, and assign new UART codes. The ESP32 listens for two-byte commands like [16, 1] to select features, so keep that mapping consistent or edit button_cmd in the Python script accordingly [Elektroda, Fisher2, post #19587217].

How do I wire the MFRC522 to the ESP32?

Connect:

  1. MOSI → GPIO13, MISO → GPIO12, SCK → GPIO14, SS → GPIO15, RST → GPIO5.
  2. VCC → 3.3 V, GND → GND.
  3. Keep wires under 10 cm to reduce RF noise.

The provided wiring diagram matches these pins [Elektroda, Fisher2, post #19587217].

What is the typical cost to build the prototype?

ESP32 (€4), MFRC522 (€3), STONE TFT (€60), relay board (€2), lock (€25), misc cables (€6). Total ≈ €100 excluding enclosure. Prices reflect EU online retailers in 2023 [Mouser, 2023].

Why pick an ESP32 instead of a dedicated access-control IC?

ESP32 offers Wi-Fi/Bluetooth, dual cores, and 520 kB RAM, letting you add OTA updates, logging, and cloud alerts. A single SoC lowers BOM and simplifies power supply. Dedicated panels add security features but cost ≥ €40 and lack open firmware [Espressif, 2021].

How can I harden the system against attacks?

  1. Use MIFARE DESFire EV1 tags with AES-128 authentication.
  2. Replace UID lookup with sector key verification.
  3. Encrypt passwords in flash.
  4. Add TLS for remote updates.
  5. Enable ESP32 secure boot and flash encryption.

These steps block common cloning and firmware tampering techniques [NXP, 2022].
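
The cloning answer and hardening steps 1 and 2 above rest on the same idea: the reader must verify a secret held by the tag, not just its UID. The following Python model is an added example, not code from the thread; HMAC-SHA256 stands in for the tag's AES authentication, and MASTER_KEY, the UID and all class and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

MASTER_KEY = bytes(range(32))  # constructed demo key; a real one sits in protected storage


def diversify(master_key, uid):
    """Derive a per-card key so one extracted card key does not expose the others."""
    return hmac.new(master_key, b"card-key" + uid, hashlib.sha256).digest()


class Tag:
    """Model of a tag: the UID is readable by anyone, the key never leaves the tag."""

    def __init__(self, uid, key=None):
        self.uid = uid
        self._key = key

    def respond(self, challenge):
        if self._key is None:              # a UID-only copy has nothing to sign with
            return b"\x00" * 32
        return hmac.new(self._key, challenge, hashlib.sha256).digest()


def uid_only_check(tag, enrolled):
    """The scheme described in the thread: a membership test on the UID."""
    return tag.uid in enrolled


def challenge_response_check(tag, enrolled):
    """Accept only a tag that proves possession of its diversified key."""
    if tag.uid not in enrolled:
        return False
    challenge = os.urandom(16)             # fresh per attempt, so old replies are useless
    key = diversify(MASTER_KEY, tag.uid)
    expected = hmac.new(key, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, tag.respond(challenge))


# Constructed sample data
UID = bytes.fromhex("04a1b2c3")
ENROLLED = {UID: "alice"}
genuine = Tag(UID, diversify(MASTER_KEY, UID))
uid_copy = Tag(UID)                        # same UID, no key material

if __name__ == "__main__":
    for name, tag in (("genuine", genuine), ("uid copy", uid_copy)):
        print(name, uid_only_check(tag, ENROLLED), challenge_response_check(tag, ENROLLED))
```

Both tags pass the UID-only check, while only the tag holding the diversified key passes the challenge-response check.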

Are there privacy concerns when storing UIDs locally?

UIDs identify cards uniquely and, by extension, their owners. Storing them unencrypted risks leaking attendance or movement data. European GDPR treats such identifiers as personal data when linked to individuals. Encrypting the personnel_id dictionary and rotating keys mitigate exposure, a recommendation echoed by ENISA access-control guidelines [ENISA, 2021].
Generated by the language model.