Yubico Study Highlights Significant Increase in Multi-Factor Authentication

Yubico’s MFA Adoption study [PDF, sign-up required], in conjunction with 451 Research, found that throughout the first year of the COVID-19 pandemic and subsequent lockdowns and switch to WFH models, over 50 percent of all respondents had suffered a security incident or breach.

In response, businesses are moving employees to MFA systems to provide better security, moving away from traditional username/password login systems.

In short, Yubico found that the effect of COVID-19 on security was a push in the right direction for more secure 2FA or MFA systems, covering One-Time Passwords, biometrics, mobile-based MFA, SMS-based MFA, and hardware-based USB security keys.

Notably, SMS-based MFA usage remains high, with over 40 percent of respondents still using SMS despite increasing attacks and exploits.

MFA Complexity Remains an Issue

One standout point from the study wasn’t just the increase in MFA adoption. Rather, it was that the overall user experience and complexity of multi-factor authentication systems were reducing adoption.

Although MFA has never been easier (through the use of dedicated smartphone apps or physical keys), for others, MFA remains a bewildering experience. The adoption of MFA isn’t helped by the sudden necessity to use a new technology, especially without the hands-on training many would expect in a regular office environment.

Another issue facing organizations is that the further down the food chain you go, the less likely employees are to use proper MFA. All organizations surveyed said that regular passwords were still in use across the organization, which is understandable.

However, this ignores the fact that many attackers know this fact and regularly target lower-level employees in the knowledge that they are unlikely to use additional security or authentication technologies.

Time to Switch to MFA or 2FA

Passwordless logins, multi-factor authentication, and two-factor authentication are important for organizations attempting to boost security, both in the office and in evolving WFH scenarios. Although the rise in MFA use stems from the risk of security breach brought on by the COVID-19 pandemic, the resulting increase in security can only be a good thing for businesses, employees, and consumers.