BYU

Abstract by Jonathan Dutson

Personal Infomation


Presenter's Name

Jonathan Dutson

Degree Level

Masters

Co-Authors

Danny Allen
Dennis Eggett

Abstract Infomation


Department

Computer Science

Faculty Advisor

Kent Seamons

Title

User Attitudes About DUO Two-Factor Authentication at BYU

Abstract

Simple password-based authentication provides insufficient protection against account compromise. Although two-factor authentication (2FA) provides users with increased protection against attackers, users have mixed feelings about the usability of 2FA. We surveyed the students, faculty, and staff of BYU to measure user sentiment about DUO Security, BYU's 2FA provider. We find that most users consider DUO to be annoying, and about half of all participants reported at least one instance of being locked out of their BYU account because of an inability to authenticate with DUO. Students and faculty generally had more negative perceptions of DUO than staff. We suggest that user sentiment about 2FA may most easily be improved by 1) helping users develop a sense of self-efficacy regarding 2FA and 2) educating users about the risks mitigated by 2FA.