Two-factor authentication.

I designed a system where the users of an application set two-factor authentication for themselves. They choose one of the two methods - 'Using email address' or 'Using phone number', to authenticate their accounts. Once they choose the method, a 6-digit code will be sent. Users enter that code and secure their accounts.

Every time users log in to their accounts(after the authentication process) with their usual username and password, they are sent a security token(6-digit code). That token is valid only for 60 seconds. In this way, whenever a user logs into a new device, they know their accounts are protected.