Lessons Learnt from a 2FA roll out within a higher education organisation

by   Abideen Tetlay, et al.

Rolling out a new security mechanism in an organisation requires planning, good communication, adoption from users, iterations of reflection on the challenges experienced and how they were overcome. Our case study elicited users' perceptions to reflect on the adoption and usage of the two factor authentication (2FA) mechanism being rolled out within our higher education organisation. This was achieved using a mixed method research approach. Our qualitative analysis, using content and thematic coding, revealed that initially SMS was the most popular 'second factor' and the main usability issue with 2FA was the getting the authenticator app to work; this result was unexpected by the IT team and led to a change in how the technology was subsequently rolled out to make the authenticator app the default primary second factor. Several lessons were learnt about the information users needed; this included how to use the technology in different scenarios and also a wider appreciation of why the technology was beneficial to a user and the organisation. The case study also highlighted a positive impact on the security posture of the organisation which was measure using IT service request metrics.


page 1

page 2

page 3

page 4


MFA is a Waste of Time! Understanding Negative Connotation Towards MFA Applications via User Generated Content

Traditional single-factor authentication possesses several critical secu...

Impact of Information and Communication Technology on Individual Well-being

This paper investigates the impact of information and communication tech...

Involving Users in the Design of a Serious Game for Security Questions Education

When using security questions most users still trade-off security for th...

New Metrics for Learning Evaluation in Digital Education Platforms

Technology applied in education can provide great benefits and overcome ...

When Gamification Spoils Your Learning: A Qualitative Case Study of Gamification Misuse in a Language-Learning App

More and more learning apps like Duolingo are using some form of gamific...

Going Paperless – Main Challenges in EDRMS Implementation – Case of Georgia

National governments are eager to incorporate information and communicat...

"Get a Free Item Pack with Every Activation!" – Do Incentives Increase the Adoption Rates of Two-Factor Authentication?

Account security is an ongoing issue in practice. Two-Factor Authenticat...