Complaints about two-factor authentication are on the rise
Of companies that use two-factor authentication, 74 percent admit that they receive complaints about it from their users -- and nearly 10 percent of them just ‘hate it.’
This rather surprising information comes from a studty by access control company SecureAuth, carried out in conjunction with Amplitude Research, which surveyed 300 IT decision makers and cybersecurity professionals on industry perspectives and concerns over 2FA.
The result is a turn around from a similar survey last year which showed that 99 percent of IT departments believed 2FA was the best way to protect an identity and its access.
"It's not surprising that organizations are receiving an increasing amount of complaints about 2FA," says Craig Lund, CEO and founder of SecureAuth. "IT professionals face an ongoing battle as they are frequently forced to choose between user experience and increased security. This should be a false paradigm in 2017. Adaptive authentication solutions provide world-class security without impacting usability. That's because risk checks are done without users even being aware of it -- and two-factor authentication is applied only if risks are detected".
The survey shows a rise in the use of adaptive authentication. While 56 percent of organizations are using 2FA in some capacity -- either across the organization or in certain areas, 37 percent are now using adaptive authentication. In addition, a further 16 percent are preparing to implement or expand adaptive authentication in the next 12 months. When looking at large organizations (2,500 or more employees), the usage of adaptive rises to 41 percent. Additionally, 20 percent of medium-sized businesses, those with 250-2,499 employees) are planning to implement or expand their use of adaptive authentication in 2017.
"Organizations are already implementing stronger methods of user authentication, including adaptive access control and multi-factor authentication," adds Lund. "By layering adaptive techniques such as device recognition, geo-location, the use of threat services, and even behavioral biometrics, organizations can verify the true identity of the end user while still providing positive user experience".
More information on 2FA and adaptive authentication can be found on the SecureAuth website.