Login processes can make or break a user experience. Excessive reliance on multi-factor authentication (MFA) often deters users from returning to a site.
You may have experienced this frustration when logging in to an account with your cable or streaming provider, for example. You complete the MFA to sign in, then navigate to view your billing statement and get presented with MFA again, even though you’re still on your provider's platform. Or if you’re a frequent online shopper, you may find yourself getting asked for MFA multiple times a week (or day!) and wondering if it is worth the hassle. You’re not alone: according to a 2021 PingIdentity survey, 56% of global consumers, and 61% of U.S. consumers, would stop using an online service if the login process became too frustrating. Worse, 65% of U.S. consumers would switch to a competitor offering easier authentication.
Businesses aren’t immune to these frustrations. Employers frequently prioritize account security over user experience, assuming that a few extra seconds of MFA are negligible. But when multiplied across daily logins for hundreds or thousands of employees, this “minor” inconvenience can result in significant productivity losses and increased support costs for help desks with minimal impact on reducing security risk.
MFA Exhaustion
Step-up authentication methods like one-time passcodes (OTPs), mobile notifications, captchas, and security questions introduce friction that annoys users and damages their experience going forward. Delays in receiving codes, forgotten answers to security questions, or the need to fetch a mobile device can derail the login process entirely. And while hardware authentication tokens offer strong security, they’re impractical for many scenarios. Yet abandoning MFA isn’t the answer either. Relying solely on passwords exposes accounts to takeovers, leading to financial losses and reputational damage.
We all know more isn’t always better. Sometimes better is just better. Striking a balance between security and usability is essential. MFA is a powerful tool, as is having a strong password policy. But using MFA everywhere all the time or requiring frequent password changes just leads to annoyed users. (For an in-depth discussion of MFA, read our paper or watch our webinar “There is no Silver Bullet: User Credentials are not Secured with 2FA Alone.”)
The Solution: Focus on “risk based” authentication controls
Organizations can no longer afford to see authentication as an all-or-nothing choice. Tools like AllCreds enable them to embrace risk-based authentication, protecting user accounts without alienating their users. By strategically applying friction only when necessary, businesses can enhance security, boost productivity, and create a login experience that works for everyone.
In the battle of security versus user experience, the winner doesn’t have to be one or the other—it can be both.
AllCreds takes a smarter approach by introducing friction only when it’s necessary. Powered by a vast database of over 30 billion compromised credential pairs, AllCreds detects when a user’s login credentials have been compromised elsewhere. This signals an elevated risk and justifies additional security measures like one-time passwords, security questions, or other MFA approaches, but only in those instances.
Here’s how it works:
Behind-the-Scenes Protection: AllCreds operates invisibly, allowing most users to log in without interruption.
Real-Time Risk Detection: Each day, 15 million new compromised credentials are added to AllCreds’ repository, ensuring up-to-date protection.
Beyond Login Events: AllCreds can also flag compromised credentials during account creation or password changes, proactively mitigating risks.
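The decision flow described above, as an added example (not AllCreds code or its API): a login or a password change is checked against a local set of compromised credential pairs, and extra friction is applied only on a hit. The keyed-digest store, the function names and the sample pairs are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Assumption: the corpus is stored as keyed digests of (username, password)
# pairs, so raw pairs are never kept. Key and entries are constructed samples.
CORPUS_KEY = b"constructed-demo-key"


def pair_digest(username: str, password: str) -> str:
    """Digest of a credential pair; the username is normalised first."""
    user = username.strip().lower().encode("utf-8")
    msg = user + b"\x00" + password.encode("utf-8")
    return hmac.new(CORPUS_KEY, msg, hashlib.sha256).hexdigest()


# Constructed stand-in for the compromised-credential repository.
COMPROMISED_PAIRS = {
    pair_digest("alice@example.com", "Summer2021!"),
    pair_digest("bob@example.com", "hunter2"),
}


def is_compromised(username: str, password: str) -> bool:
    return pair_digest(username, password) in COMPROMISED_PAIRS


def login_decision(username: str, password: str, password_ok: bool) -> str:
    """Return 'deny', 'step_up' or 'allow' for one login attempt."""
    if not password_ok:
        return "deny"      # wrong password: a corpus hit is irrelevant
    if is_compromised(username, password):
        return "step_up"   # valid but exposed elsewhere: require MFA
    return "allow"         # no known exposure: no added friction


def credential_change_decision(username: str, new_password: str) -> str:
    """Apply the same check at account creation or password change."""
    if is_compromised(username, new_password):
        return "reject"
    return "accept"


if __name__ == "__main__":
    print(login_decision("alice@example.com", "Summer2021!", True))
    print(login_decision("carol@example.com", "k3!vPq-92xLm", True))
    print(credential_change_decision("bob@example.com", "hunter2"))
```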
Why It Matters
By tailoring authentication requirements to the risk level, AllCreds ensures that low-risk users enjoy a frictionless experience while high-risk scenarios are met with appropriate security measures. This balanced approach not only safeguards sensitive information but also improves user satisfaction and reduces churn.