Article
Making Two-Factor Authentication accessible
24/10/2024
min read
Security
Article
Making Two-Factor Authentication accessible
Security
October 24, 2024
Article
Making Two-Factor Authentication accessible
Security
October 24, 2024
Article
Making Two-Factor Authentication accessible
This Cyber Security Month, we’ve been asking the question: Why do so many resist activating 2FA, despite the known risks? While we’ve explored the psychological barriers, it’s now time to consider the accessibility challenges with 2FA and what we can do to address them.
Throughout Cyber Security Month, we’re encouraging everyone to adopt Two-Factor Authentication (2FA) wherever possible. In a nutshell, 2FA is an extra layer of security used to verify someone’s identification, requiring two factors to log in (such as a password and a pin code). It’s widely recognised as a vital method of keeping accounts safe online. At Visma, we understand that digital and security solutions need to be as diverse as the people using them – technology should empower and include everyone. That’s why we make every effort to keep accessibility top of mind in product development and security.
According to the World Health Organisation:
- An estimated 1.3 billion people – about 16% of the global population – currently experience significant disability.
- By 2030, 1 in 6 people in the world will be aged 60 years or over.
As we aim to strengthen digital security and promote solutions like 2FA, it’s essential to consider the difficulties faced by people with disabilities and elderly individuals in our society. In addition to physical barriers, many find technology interfaces intimidating, particularly when it comes to inputting complex credentials. These challenges deter full participation in digital security practices like 2FA.
What are some of the common accessibility challenges with 2FA?
Complex authentication methods
Traditional 2FA methods often require entering codes sent via SMS or email, often within a certain timeframe like 30 or 60 seconds, which can be difficult for individuals with visual impairments, cognitive disabilities, or motor skill challenges.
Device limitations
Not all users have access to the devices or technology needed for certain 2FA methods, such as smartphones for app-based authentication, which can be a barrier for elderly individuals or those with limited resources.
Lack of alternative options
Limited choices in authentication methods can exclude individuals who cannot use the standard options due to physical or situational barriers.
Cognitive load
Remembering and managing multiple authentication steps can be overwhelming, especially for users with cognitive disabilities.
Explore the common psychological barriers that deter people from adopting 2FA.
What can we do to combat these challenges?
Give users different ways to authenticate
Ensure alternative authentication methods, such as biometric options (fingerprint, facial recognition) and security keys, are available. These eliminate the need for entering complex passwords or codes.
For example, our identity provider, Visma Connect, includes both password and passwordless authentication options for Visma companies and their customers to choose from:
Simplify the user interface
Prioritise designing intuitive and easy-to-navigate user interfaces that reduce cognitive load, making the authentication process more straightforward for users with disabilities.
Encourage using a password manager
Password managers can store and auto-fill passwords securely. This simplifies the login process by minimising the need to remember or manually enter credentials. We encourage everyone to use a password manager, both in their professional and personal lives.
Educate and support
Ensure that support is easily accessible and offer comprehensive guides and training for users to effectively set up and use 2FA with accommodation for their specific needs.
As a global leader in technology, it’s essential for us – along with key manufacturers, developers, and legislative bodies responsible for 2FA standards and regulations – to create and promote more inclusive authentication systems. The goal is to protect user security without compromising accessibility, ensuring that everyone, regardless of their physical or cognitive abilities, has equal access to protect themselves online.
We’re committed to leading this conversation, promoting secure and accessible digital environments that are inclusive for all users, regardless of age or ability.
About the episode
holli.hatherly@visma.com
2FA,Accessibility,Cyber Security
Voice of Visma
We're sitting down with leaders and colleagues from around Visma to share their stories, industry knowledge, and valuable career lessons. With the Voice of Visma podcast, we’re bringing our people and culture closer to you. Welcome!
holli.hatherly@visma.com