Multi-factor authentication (MFA) is globally recommended as a leapfrog security measure that significantly reduces online threats such as identity theft and online fraud. Security experts often recommend that users use MFA technology where available, emphasizing the importance of additional layers of authentication to prevent malicious hackers. However, after a decade of evangelism and the many millions spent on new ones, the general acceptance of MFA remains stagnant and the latest figures from Twitter tell a surprising story. In a new transparency report released this month, the media giant said that hardly 2.3 per cent of all active accounts have at least one way to two-factor authentication between July and December last year. Of all users who chose to turn on the password authentication feature, 80 per cent want to verify weak SMS-based authentication, which is understood to be possible for the theft of sensitive information and SIM attacks. Twitter acknowledged that this is a major industry problem. “Total users of MFA remains low, which is a serious challenge for the industry as a whole. If accounts don’t enable 2FA, we’re left relying on powerful ways to keep accounts secure.” “Overall, these figures indicate the ongoing need to promote the wider acceptance of 2FA, while working to easily improve accounts that can use 2FA. Making 2FA methods easier and more interactive will help to promote acceptance and increase security on Twitter. ”
Twitter recommends 2FA as one of our strongest security measures in account reduction, recognizing that it helps reduce threats to password use or data theft where Twitter accounts can be part of data loss. “While any type of 2FA is much safer than not enabling 2FA, some types of 2FA are much safer than others. In general, 2FA SMS-based security is less secure due to its tendency to both SIM hijacking and identity theft, ”reads a public Twitter report, although noting that most of its MFA-enabled users use the SMS method. Will Gregorian, head of security at Color Health, said industry-wide MFA adoption remains low because MFA applications and therefore the set-up process is often crammed with inconveniences and fears of being permanently locked out of accounts.
By Vedant Soni
Campus Ambassador, WCSF