State of the Auth: Experiences and Perceptions of Multi-Factor Authentication
In the past, Duo Labs has written several blog posts containing data analysis ranging from iOS adoption to user response to NIST’s guidance on SMS. This time, we decided to conduct research in an area that hits closer to home: two-factor authentication (also referred to as multi-factor authentication) adoption and perception.
In order to find out what the average person thinks of two-factor authentication (2FA), we conducted a U.S.-census-representative survey that asked questions about a participant’s 2FA usage, how they learned about it, which technologies they’ve used as as a second factor, and more.
Through this survey, we discovered that:
- Only 28% of people use 2FA.
- The majority of participants who did use 2FA (54%) began using it voluntarily.
- Two-thirds of people who had used security keys or push notifications as an authentication method believed it to be convenient and quick.
While having data concerning 2FA adoption and perception on a national scale is very informative, it doesn’t tell the complete story. In the future, we hope to conduct a global survey so that we are able to better measure 2FA adoption over time and perceptions of it outside of the United States.
Details, Details, Details
In order to help our readers digest our results with graphics, we’re releasing a short paper to discuss the context of our research, our data and conclusions, and the process we went though, so other researchers can provide feedback and reproduce our results.
Data and More
In addition to the findings we present in the paper, we’re sure there are more things that could be uncovered and additional insights that could be drawn from our data. With that in mind, we’re releasing to the public a reformatted version of the survey responses on https://data.world/.