2018
DOI: 10.1177/1541931218621262
|View full text |Cite
|
Sign up to set email alerts
|

2FA Might Be Secure, But It’s Not Usable: A Summative Usability Assessment of Google’s Two-factor Authentication (2FA) Methods

Abstract: Computer security experts recommend that people use two-factor authentication (2FA) on password protected systems to help keep hackers out. Providing two pieces of information to verify a person’s identity adds extra security to an account. However, it is not clear if the added security and procedures impact system usability. This paper aims to answer this question by assessing per ISO 9241-11’s suggested measurements the usability of Google’s optional 2FA methods. We found few differences across four differen… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

1
9
0
1

Year Published

2019
2019
2024
2024

Publication Types

Select...
3
3
1

Relationship

0
7

Authors

Journals

citations
Cited by 22 publications
(11 citation statements)
references
References 5 publications
1
9
0
1
Order By: Relevance
“…Our results matched findings of Khan et al [27] as well as Crawford and Renaud [10] related to the fact that more interruptions for authentication were perceived as more annoying. They confirm findings of Reese et al [38] and Acemyan et al [1] regarding that code-based 2FA received SUS scores lower than or equal 80. In relation to Reese et al we can also confirm that the code-based 2FA SUS scores are lower than those of password-only authentication.…”
Section: User Acceptance and Sus (U1 U2supporting
confidence: 90%
See 1 more Smart Citation
“…Our results matched findings of Khan et al [27] as well as Crawford and Renaud [10] related to the fact that more interruptions for authentication were perceived as more annoying. They confirm findings of Reese et al [38] and Acemyan et al [1] regarding that code-based 2FA received SUS scores lower than or equal 80. In relation to Reese et al we can also confirm that the code-based 2FA SUS scores are lower than those of password-only authentication.…”
Section: User Acceptance and Sus (U1 U2supporting
confidence: 90%
“…The approach to change the SUS wordings is similar to Khan et al [27]. In contrast to them, we left SUS item five 1 inside our questionnaires since we tested a visible user interface. We calculated the SUS score as defined in Brooke [7].…”
Section: Exit Surveymentioning
confidence: 99%
“…The first issue is that additional steps are required to log in. Second, people find it difficult to set up 2FA (Acemyan, Kortum, Xiong & Wallach, 2018). Having a more secure system is not valuable if people perceive it as difficult to set up and use.…”
Section: Introductionmentioning
confidence: 99%
“…There have been prior efforts to evaluate the usability of 2FA systems. Previous studies categorized 2FA tasks into two: the setup process and the login process (Acemyan et al, 2018;Reynolds et al, 2018). Setup is the process of activating a 2FA authentication service on an account.…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation