How Mandatory Second Factor Affects the Authentication User Experience

要旨

Recent years have seen growing organizational adoption of two-factor authentication as organizations seek to limit the damage caused by password breaches. However, research on the user experience of two-factor authentication in a real-world setting is relatively scant. To fill this gap, we conducted multiple waves of an online survey of users at a large public university during its multi-phase rollout of mandatory two-factor authentication for faculty, staff, and students. In addition, we examined multiple months of logs of all authentication events at the university. We found no significant changes in user experience and acceptance of two-factor authentication when it was mandatory for select systems that dealt with sensitive information. However, these factors degraded when users were forced to use two-factor authentication for logging into every single university resource. Our findings can serve as important guidance for the implementation of two-factor authentication in organizations in a way that can help achieve a balance between security and user experience.

キーワード
Two-factor authentication
2FA
Multi-factor authentication, Security, User experience
UX, Login, University IT
著者
Jacob Abbott
Indiana University Bloomington, Bloomington, IN, USA
Sameer Patil
Indiana University Bloomington, Bloomington, IN, USA
DOI

10.1145/3313831.3376457

論文URL

https://doi.org/10.1145/3313831.3376457

会議: CHI 2020

The ACM CHI Conference on Human Factors in Computing Systems (https://chi2020.acm.org/)

セッション: Privacy & security user experience

Paper session
313B O'AHU
5 件の発表
2020-04-27 23:00:00
2020-04-28 00:15:00
日本語まとめ
読み込み中…