Pages

Is Multi-Factor Authentication Worth the Trouble? This Survey Reveals the Answer

Password protecting your online accounts used to be seen as a perfectly legitimate form of cybersecurity. In spite of the fact that this is the case, passwords are now perceived as rather lax, with many malicious actors being able to brute force their way through them without much effort. This gave rise the a new form of cybersecurity called two factor authentication which sent you a code to your phone or email as an added layer of protection in case your password got leaked.

A survey from Beyond Identity showed that many users are annoyed by 2FA or MFA. With all of that having been said and now out of the way, it is important to note that a large proportion of them also admitted that MFA prevented their account from getting compromised. That might make the trouble of using 2FA or MFA more worthwhile than might have been the case otherwise, and the findings of this survey certainly seem to confirm as much.

14% of respondents said that they don’t use MFA, and 38% of people who used MFAs said that they didn’t even know what it was called. However, 75% of the people who responded to this survey stated that they know what it was. 79% also said that they had gotten locked out of their own accounts due to the troubles with MFA. This is a common concern, since the added layers of protection can often work against the user by preventing them from accessing accounts without jumping through a lot of hoops.

28% of survey respondents said that they got locked out of their accounts for 5 to 15 minutes. It took over a day for around 10% of people to regain access to their accounts, and 10% never ended up getting their account back at all. Another concerning trend is the rise of MFA fatigue attacks because of the fact that this is the sort of thing that could potentially end up using the added layer of security against the user targets by sending them so many push notifications that they end up getting overwhelmed.

62% of users said that they had faced an MFA fatigue attack at some point in the past. 49% stated that they ended up not completing their buying journey due to frequent login attempts failing, and 53% found that they could not make a payment due to MFA. This might make MFA a bit of an issue for ecommerce platforms, because such a high proportion of consumers abandoning carts will really eat into their revenues and cause a lot of long term problems that might take some steam out of the growth of the industry.

The proportion of MFA fatigue attacks goes up with the percentage of accounts with MFA. 62% of online banking accounts used MFA, and 55% of them have faced MFA attacks as of late. 54% of Facebook accounts have also ben facing MFA fatigue attacks, which is putting some strain on the 45% of Facebook users that are using MFA to secure their accounts. All of this points to MFA being in a state of crisis, and it may need to be further tweaked to alleviate user concerns.





Read next: The Most Popular Passwords Reveal the Sorry State of Cybersecurity

No comments: