System Design Question

Design a Secure Identity Management System

Functional Requirements:

  • Users can register and create an account with a unique username and password.
  • Users can log in to the system securely.
  • Support for Multi-Factor Authentication (MFA) during login (e.g., SMS OTP or authenticator app).
  • Users can reset their password securely if forgotten.
  • The system issues an access token (e.g., via OAuth2) upon successful authentication for use with third-party services.
  • Admins can deactivate or lock user accounts.
  • Out of scope: Full identity lifecycle management (e.g., user provisioning, deprovisioning), threat detection, and advanced analytics.

Non-Functional Requirements:

  • High availability: The system should be available 99.9% of the time.
  • Scalability: Must support up to 10 million users and 100,000 logins per day.
  • Consistency: User authentication and account status changes (e.g., lockout) must be strongly consistent.
  • Security: All sensitive data (passwords, tokens) must be encrypted at rest and in transit.
  • Response time: Authentication requests should complete within 200ms under normal load.
  • Auditability: All authentication attempts and account changes should be logged for audit purposes.
