Two-Factor Authentication: Weighing Security, Autonomy, and Accessibility
Lexi Bowman
CYSE 425W: Cyber Strategy and Policy
Professor Aslan
March 6, 2025
Two-factor authentication (2FA) operates as a security measure that demands two authentication steps to verify user identities. Two-factor authentication offers security benefits, yet it generates certain moral dilemmas. Users experience frustration due to delayed authentication codes and need to use additional hardware tokens or devices. The obstacles described by Ali, Dida, and Sam (2020) prevent users from accessing required services effectively. Does two-factor authentication truly serve its purpose if it leads to such increased complexity for users?
2FA systems reduce user control as a result of their implementation. The protection of data remains essential, yet users need a voice in the methods used to secure their accounts. Omwoyo, Kamau, and Mgala (2022) discuss how two-factor authentication creates frustration through the need for SMS code delays and multiple device requirements. Security complexity stands as a question when we must determine if such complications result in additional stress on users. Organizations need to develop simpler alternatives alongside thorough instructions that work for every user.
The technology requirements for two-factor authentication create barriers that prevent certain users from accessing this security measure. Users with disabilities and individuals from lower-income backgrounds typically do not possess the devices or tools required to operate 2FA correctly. Pomputius (2018) noted that organizations that enforce 2FA requirements create obstacles for numerous users to sustain their account security practices. The lack of access creates situations where some individuals become unable to access services, thus representing a serious issue. Organizations should analyze these barriers to two-factor authentication so they can create accessible solutions for all users.
Organizations must maintain clear transparency standards in their practices. People who fail to understand both the use of 2FA and data handling processes will not develop trust in the system. Ali et al. (2020) emphasize that users must receive clear information regarding 2FA requirements alongside its operational methods and information-handling procedures. Lack of transparency by organizations will cause users to either oppose the system or discover workarounds that produce additional difficulties. The system needs to deliver clear information to users so they can establish trust in its operations.
The security benefits of 2FA must be weighed against its ethical implications when deploying this account protection method. The system improves security, yet it creates challenges for particular users and reduces their ability to control their accounts. Security policies for cyber systems need to establish the correct equilibrium between account protection measures and user-friendly system access that maintains fairness for everyone. Companies should continuously assess their policies because technological development requires them to evaluate their systems for fairness and inclusion toward all users.
Work Cited
Ali, G., Ally Dida, M., & Elikana Sam, A. (2020). Two-Factor Authentication Scheme for Mobile Money: A Review of Threat Models and Countermeasures. Future Internet, 12(10), 160. https://doi.org/10.3390/fi12100160
Omwoyo, R. S., Kamau, J., & Mgala, M. (2022). A review of Two Factor Authentication Security Challenges in the Cyberspace. International Journal of Advanced Computer Technology, 11(5), 1-6. Retrieved from https://www.ijact.org/index.php/ijact/article/view/112
Pomputius, A. F. (2018). A Review of Two-Factor Authentication: Suggested Security Effort Moves to Mandatory. Medical Reference Services Quarterly, 37(4), 397-402. https://doi.org/10.1080/02763869.2018.1514912
