Two factor authentication services for personal accounts?

LonghornSecurity

Beta member
Messages
2
Location
United States of America
Hi Tech Forums, I am a student at the University of Texas working on a project studying the market for two factor authentication services.

It seems like two factor authentication could solve many current security problems, however people don't use it because it is cumbersome. I made a survey to find out more about who uses two factor authentication services and why or why not.

If you can help me out with the survey, I would be very appreciative.

Here is the link: https://utexas.qualtrics.com/SE/?SID=SV_71HkkeMVp7iCLf7

Thanks again!
 

Reapt

In Runtime
Messages
261
Location
Colorado
In my opinion some instances of MFA can be annoying and a security issue. Interesting project that is though. I'm on mobile atm so haven't clicked the link. What exactly do you have to do in the project? Are you an IT security major? B.S. Or Masters?
 

LonghornSecurity

Beta member
Messages
2
Location
United States of America
Thanks for taking the time to follow up. I am actually a PhD student and this is a side project, very separate from my thesis work.

With this survey I am trying to understand what people like and dislike about a specific security solution, multifactor authentication services. I hope this doesn't spill the beans too much, but I can let you know that my operating hypothesis is that more people would use better security practices if they were easy to implement and required little to no action on the part of the end user.

This may seem obvious, but changing people's behaviour can be challenging. Hopefully, this study will provide us with some ideas about how to start that process.
 

Reapt

In Runtime
Messages
261
Location
Colorado
It's exactly that. People prefer instant gratification. Having MFA is an annoyance. Take blizzard for example. They implemented the authenticators to make things more secure. But the fact you have to physically use it and type a code in has steered most away from it. It's nice having an added layer of security though. For instance google with it's gmail. The text verifications are a nice addition. It has saved my email from those spam bots in china a few times already. I think MFA is good when implemented right. Don't make me use authenticators, text verifications when the request is coming from a known ip.
 
Top