In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
Thirteenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2019)
Title: MFA is a Waste of Time! Understanding Negative Connotation Towards MFA Applications via User Generated Content
Author(s): Sanchari Das, Bingxi Wang, Linda Jean Camp
Keywords: Authentication, Multi-Factor Authentication, Passwords, User Studies, User Experience, User Evaluation.
Abstract: Traditional single-factor authentication possesses several critical security vulnerabilities due to single-point failure feature. Multi-factor authentication (MFA), intends to enhance security by providing additional verification steps. However, in practical deployment, users often experience dissatisfaction while using MFA, which leads to non-adoption. In order to understand the current design and usability issues with MFA, we analyze aggregated user generated comments (N = 12,500) about application-based MFA tools from major distributors, such as, Amazon, Google Play, Apple App Store, and others. While some users acknowledge the security benefits of MFA, majority of them still faced problems with initial configuration, system design understanding, limited device compatibility, and risk trade-offs leading to non-adoption of MFA. Based on these results, we provide actionable recommendations in technological design, initial training, and risk communication to improve the adoption and user experience of MFA.
Download count: 633
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.