TY - JOUR
T1 - "Nah, it's just annoying!" A Deep Dive into User Perceptions of Two-Factor Authentication
AU - Marky, Karola
AU - Ragozin, Kirill
AU - Chernyshov, George
AU - Matviienko, Andrii
AU - Schmitz, Martin
AU - Mühlhäuser, Max
AU - Eghtebas, Chloe
AU - Kunze, Kai
N1 - Funding Information:
This research work has been funded by the Horst Görtz Foundation, by the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) – 251805230/GRK 2050; 326979514/3DIA) and JST CREST Grant No. JPMJCR16E1 Experiential Supplements. This research was also supported, in part, by the Engineering and Physical Sciences Research Council (grant number EP/V008870/1).
Publisher Copyright:
© 2022 Copyright held by the owner/author(s). Publication rights licensed to ACM.
PY - 2022/10/20
Y1 - 2022/10/20
N2 - Two-factor authentication (2FA) is a recommended or imposed authentication mechanism for valuable online assets. However, 2FA mechanisms usually exhibit user experience issues that create user friction and even lead to poor acceptance, hampering the wider spread of 2FA. In this article, we investigate user perceptions of 2FA through in-depth interviews with 42 participants, revealing key requirements that are not well met today despite recently emerged 2FA solutions. First, we investigate past experiences with authentication mechanisms emphasizing problems and aspects that hamper good user experience. Second, we investigate the different authentication factors more closely. Our results reveal particularly interesting preferences regarding the authentication factor "ownership"in terms of properties, physical realizations, and interaction. These findings suggest a path toward 2FA mechanisms with considerably better user experience, promising to improve the acceptance and hence, the proliferation of 2FA for the benefit of security in the digital world.
AB - Two-factor authentication (2FA) is a recommended or imposed authentication mechanism for valuable online assets. However, 2FA mechanisms usually exhibit user experience issues that create user friction and even lead to poor acceptance, hampering the wider spread of 2FA. In this article, we investigate user perceptions of 2FA through in-depth interviews with 42 participants, revealing key requirements that are not well met today despite recently emerged 2FA solutions. First, we investigate past experiences with authentication mechanisms emphasizing problems and aspects that hamper good user experience. Second, we investigate the different authentication factors more closely. Our results reveal particularly interesting preferences regarding the authentication factor "ownership"in terms of properties, physical realizations, and interaction. These findings suggest a path toward 2FA mechanisms with considerably better user experience, promising to improve the acceptance and hence, the proliferation of 2FA for the benefit of security in the digital world.
KW - human factors
KW - Two-factor authentication
KW - usability
KW - user experience
UR - http://www.scopus.com/inward/record.url?scp=85131690358&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85131690358&partnerID=8YFLogxK
U2 - 10.1145/3503514
DO - 10.1145/3503514
M3 - Article
AN - SCOPUS:85131690358
SN - 1073-0516
VL - 29
JO - ACM Transactions on Computer-Human Interaction
JF - ACM Transactions on Computer-Human Interaction
IS - 5
M1 - 43
ER -