đź’ˇ

This post was written 4 years ago, it may be out of date, my opinion might have changed, and/or the writing may be embarrassingly bad. Read with caution.

Twitter Shows Slow MFA Adoption, Is Security Unusable?

Summer/2021 – 1 min read

Twitter's latest transparency report shows a low uptake for the multi-factor authentication feature. This is a great security control that's easy to use. What's going on?

Multi-factor authentication (MFA or 2FA) is a fantastic security control. It makes it a lot harder for attackers to gain access to your accounts.

So why isn’t it used more? Let’s explore in this short…

Transcript

MFA or multi-factor authentication is a fantastic way to add security to any account.

The idea is simple.

In addition to your username and password, you also need a short, temporary code generated by an app or sent to you via text.

[00:00:12] This means an attacker needs to have your password and access to your phone in order to get into your.

The problem, according to Twitter, is almost no one is using this feature, which is now standard for most social media and other services.

Twitter’s data shows that only 2.3% of their users are using MFA. And the majority of those were using text messages to get their codes.

[00:00:31] This highlights two major problems, education and usability.

Security features are no good if they aren’t used. MFA is a strong control with a low barrier to entry.

But we need to improve efforts to educate users and we need to do everything that we can to make sure that security features are easy to use.

References