Multi-factor authentication (MFA or 2FA) is a fantastic security control. It makes it a lot harder for attackers to gain access to your accounts.
So why isn’t it used more? Let’s explore in this short…
Transcript
MFA or multi-factor authentication is a fantastic way to add security to any account.
The idea is simple.
In addition to your username and password, you also need a short, temporary code generated by an app or sent to you via text.
[00:00:12] This means an attacker needs to have your password and access to your phone in order to get into your.
The problem, according to Twitter, is almost no one is using this feature, which is now standard for most social media and other services.
Twitter’s data shows that only 2.3% of their users are using MFA. And the majority of those were using text messages to get their codes.
[00:00:31] This highlights two major problems, education and usability.
Security features are no good if they aren’t used. MFA is a strong control with a low barrier to entry.
But we need to improve efforts to educate users and we need to do everything that we can to make sure that security features are easy to use.
References
- Twitter Transparency Report
- Coverage of the report by Bleeping Computer, “Twitter reveals surprisingly low two-factor auth (2FA) adoption rate”
- Excellent discussion thread from Rachel Tobac