skip to main content
10.1145/3491101.3516809acmconferencesArticle/Chapter ViewAbstractPublication PageschiConference Proceedingsconference-collections
extended-abstract

The Emotional Impact of Multi-Factor Authentication for University Students

Published: 28 April 2022 Publication History

Abstract

Abilene Christian University recently rolled out multi-factor authentication (MFA) to the entire student body. Previous work has found frequent negative reactions and dissent experienced in university settings in regard to MFA. This can lead to decreased compliance or the use of less secure passwords to compensate. We hypothesize these responses are tied to the emotional impact of using required MFA for critical tasks. We present an empirical study on user perception of adopting two-factor authentication (n=465). Our findings indicate that, due to the time sensitive nature of many tasks that required MFA, university students are likely to experience strong negative emotions towards MFA that drastically lower their perceptions of its utility and usability. However, our findings also show that these negative emotions can be at least partially mitigated when users feel more personally secure due to MFA, which can in part be controlled by rollout strategy and communication.

References

[1]
Jacob Abbott and Sameer Patil. 2020. How mandatory second factor affects the authentication user experience. In Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. 1–13.
[2]
Jessica Colnago, Summer Devlin, Maggie Oates, Chelse Swoopes, Lujo Bauer, Lorrie Cranor, and Nicolas Christin. 2018. “It’s not actually that horrible” Exploring Adoption of Two-Factor Authentication at a University. In Proceedings of the 2018 CHI Conference on Human Factors in Computing Systems. 1–11.
[3]
Emiliano De Cristofaro, Honglu Du, Julien Freudiger, and Greg Norcie. 2013. A comparative usability study of two-factor authentication. arXiv preprint arXiv:1309.5344(2013).
[4]
Cindy Harmon-Jones, Brock Bastian, and Eddie Harmon-Jones. 2016. The discrete emotions questionnaire: A new tool for measuring state self-reported emotions. PloS one 11, 8 (2016), e0159915.
[5]
Patrick Gage Kelley, Saranga Komanduri, Michelle L Mazurek, Richard Shay, Timothy Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, and Julio Lopez. 2012. Guess again (and again and again): Measuring password strength by simulating password-cracking algorithms. In 2012 IEEE symposium on security and privacy. IEEE, 523–537.
[6]
Saranga Komanduri, Richard Shay, Patrick Gage Kelley, Michelle L Mazurek, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, and Serge Egelman. 2011. Of passwords and people: measuring the effect of password-composition policies. In Proceedings of the sigchi conference on human factors in computing systems. 2595–2604.
[7]
John Marsden, Zachary Albrecht, Paula Berggren, Jessica Halbert, Kyle Lemons, Anthony Moncivais, and Matthew Thompson. 2020. Facts and Stories in Phishing Training: A Replication and Extension. In Extended Abstracts of the 2020 CHI Conference on Human Factors in Computing Systems. 1–6.
[8]
Robert A Peterson. 2000. A meta-analysis of variance accounted for and factor loadings in exploratory factor analysis. Marketing letters 11, 3 (2000), 261–275.
[9]
Elissa M Redmiles, Everest Liu, and Michelle L Mazurek. 2017. You Want Me To Do What? A Design Study of Two-Factor Authentication Messages. In SOUPS.
[10]
Richard Shay, Saranga Komanduri, Patrick Gage Kelley, Pedro Giovanni Leon, Michelle L Mazurek, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor. 2010. Encountering stronger password requirements: user attitudes and behaviors. In Proceedings of the sixth symposium on usable privacy and security. 1–20.
[11]
Brian Stanton, Mary F Theofanos, Sandra Spickard Prettyman, and Susanne Furman. 2016. Security fatigue. It Professional 18, 5 (2016), 26–32.
[12]
Howard E Tinsley and Diane J Tinsley. 1987. Uses of factor analysis in counseling psychology research.Journal of counseling psychology 34, 4 (1987), 414.
[13]
Blase Ur, Felicia Alfieri, Maung Aung, Lujo Bauer, Nicolas Christin, Jessica Colnago, Lorrie Faith Cranor, Henry Dixon, Pardis Emami Naeini, Hana Habib, 2017. Design and evaluation of a data-driven password meter. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems. 3775–3786.
[14]
Rick Wash and Molly M Cooper. 2018. Who provides phishing training? facts, stories, and people like me. In Proceedings of the 2018 chi conference on human factors in computing systems. 1–12.
[15]
Jake Weidman and Jens Grossklags. 2017. I like it, but i hate it: Employee perceptions towards an institutional transition to byod second-factor authentication. In Proceedings of the 33rd Annual Computer Security Applications Conference. 212–224.
[16]
Alma Whitten and J Doug Tygar. 1999. Why Johnny Can’t Encrypt: A Usability Evaluation of PGP 5.0. In USENIX security symposium, Vol. 348. 169–184.

Cited By

View all
  • (2024)A framework for analyzing authentication risks in account networksComputers and Security10.1016/j.cose.2023.103515135:COnline publication date: 10-Jan-2024
  • (2023)A Novel Non-Biometric Multi-Factor Authentication System Using Audios and Relationships2023 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM)10.1109/IEEM58616.2023.10406725(0279-0283)Online publication date: 18-Dec-2023

Index Terms

  1. The Emotional Impact of Multi-Factor Authentication for University Students
      Index terms have been assigned to the content through auto-classification.

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Conferences
      CHI EA '22: Extended Abstracts of the 2022 CHI Conference on Human Factors in Computing Systems
      April 2022
      3066 pages
      ISBN:9781450391566
      DOI:10.1145/3491101
      Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

      Sponsors

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 28 April 2022

      Check for updates

      Author Tags

      1. emotions
      2. multi-factor authentication
      3. usable privacy and security

      Qualifiers

      • Extended-abstract
      • Research
      • Refereed limited

      Conference

      CHI '22
      Sponsor:
      CHI '22: CHI Conference on Human Factors in Computing Systems
      April 29 - May 5, 2022
      LA, New Orleans, USA

      Acceptance Rates

      Overall Acceptance Rate 6,164 of 23,696 submissions, 26%

      Upcoming Conference

      CHI 2025
      ACM CHI Conference on Human Factors in Computing Systems
      April 26 - May 1, 2025
      Yokohama , Japan

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)133
      • Downloads (Last 6 weeks)12
      Reflects downloads up to 23 Feb 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2024)A framework for analyzing authentication risks in account networksComputers and Security10.1016/j.cose.2023.103515135:COnline publication date: 10-Jan-2024
      • (2023)A Novel Non-Biometric Multi-Factor Authentication System Using Audios and Relationships2023 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM)10.1109/IEEM58616.2023.10406725(0279-0283)Online publication date: 18-Dec-2023

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      HTML Format

      View this article in HTML Format.

      HTML Format

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media