MFA is a Waste of Time! Understanding Negative Connotation Towards MFA Applications via User Generated Content
This addresses usability barriers for users of MFA applications, but it is incremental as it builds on existing research about authentication challenges.
The paper tackled the problem of user dissatisfaction and non-adoption of multi-factor authentication (MFA) by analyzing 12,500 user comments from app stores, finding that issues like configuration difficulties and limited compatibility hinder adoption despite security benefits.
Traditional single-factor authentication possesses several critical security vulnerabilities due to single-point failure feature. Multi-factor authentication (MFA), intends to enhance security by providing additional verification steps. However, in practical deployment, users often experience dissatisfaction while using MFA, which leads to non-adoption. In order to understand the current design and usability issues with MFA, we analyze aggregated user generated comments (N = 12,500) about application-based MFA tools from major distributors, such as, Amazon, Google Play, Apple App Store, and others. While some users acknowledge the security benefits of MFA, majority of them still faced problems with initial configuration, system design understanding, limited device compatibility, and risk trade-offs leading to non-adoption of MFA. Based on these results, we provide actionable recommendations in technological design, initial training, and risk communication to improve the adoption and user experience of MFA.