Brits Still Confused by Multi-Factor Authentication

The British public are still woefully underinformed and unaware of the security benefits of multi-factor authentication (MFA), a new study from the FIDO Alliance has revealed.

The industry association, founded in 2012 to promote authentication standards and reduce global reliance on passwords, recently polled over 4000 consumers in the UK, France, Germany and the US.

It revealed that half (49%) UK consumers have had their social media accounts compromised or know a friend or family member who has.

However, despite a continued number of high-profile account takeovers, 43% said this doesn’t make them enhance security on their accounts, even though they “feel like” they should.

Part of the problem seems to be a general lack of understanding about the benefits of MFA in protecting account holders from phishing, as well as credential stuffing and other brute force attack types.

Although such features are offered by all social media companies today, over a quarter (26%) of respondents said they weren’t using or didn’t know about them.

A further 15% said they would like to increase the security of their accounts but don’t know how, and two-fifths (39%) admitted they were unable to make a judgement either way as to whether their accounts are vulnerable or not.  

Of those that had taken action to improve account security, the most popular option (56%) was to create a stronger password, even though this still exposes them to the risks mentioned above.

Andrew Shikiar, executive director of the FIDO Alliance, warned that social media accounts are an attractive target for attackers as they contain plenty of personally identifiable information (PII).

“The research is showing us that there’s a general lack of awareness among consumers about how to assess their own risk of falling victim to social media hacks. They are also unsure as to what steps should be taken to best protect their accounts,” Shikiar continued.

“Social media platforms like Twitter and Facebook have made much stronger security options available. Consumers just need to know what they are, how easy they are to use and how to turn them on.”

If consumers are non-plussed over use of MFA for social media accounts, there’s also a strong possibility that their other online accounts will be similarly under-protected.

Leave a Reply