Accessibility challenges in Multi-Factor Authentication

Microsoft app asking a user to approve a sign-in request

What is Multi-Factor Authentication?

In today’s world, securing online accounts and protecting sensitive information is a top priority. Multi-factor authentication (MFA) has emerged as a robust security measure: it combines at least two pieces of evidence to verify a user’s identity. The primary types of evidence used are a password or PIN number, physical objects such as a mobile phone or hardware token, and biometric data like fingerprints or facial recognition.

The most common example of MFA would be when you are making an online purchase on a desktop computer and you must confirm the purchase has been made on your mobile banking application. If you are unable to confirm the purchase on your banking app, you cannot make the purchase on your desktop.

By implementing MFA, online service providers aim to strengthen account security and reduce the risk of unauthorised access or identity theft. However, we must also consider the accessibility challenges MFA poses for users.

Hearing Impairments

Individuals who are deaf or hard of hearing might have difficulties if audio-based factors are part of the MFA process. They will need additional visual cues such as flashing notifications or vibrating alerts to engage with MFA independently. Providing text-based alternatives for audio prompts or allowing the use of sign language can also enhance accessibility.

Motor Disabilities

People with motor disabilities may find it difficult to complete MFA actions that require precise physical movements, such as typing complex passwords or using physical tokens, especially within a short time frame. Having alternative input methods such as voice recognition and switch controls and the ability to extend time limits can ensure better accessibility for them.

Cognitive Disabilities

Users with cognitive disabilities may struggle with remembering complex passwords or following multi-step processes. Simplifying the authentication steps, allowing for customisable security settings, and offering support tools like password managers or visual aids can help mitigate these challenges.

Combination of Disabilities

It is important to recognise that individuals might have multiple disabilities which can compound the accessibility challenges associated with MFA. Adhering to universal design principles – such as flexibility, simplicity, and user customisation – can address their needs effectively.

Conclusion

Multi-factor authentication is an important security measure in today’s digital landscape. However, we must ensure that implementing MFA systems does not exclude people with disabilities. By taking into account the challenges these individuals may face and adding accessibility features and alternative options, online service providers can create inclusive MFA experiences that prioritise both security and accessibility.

Get in touch

    Inclusion and Accessibility Labs logo

    IA Labs DAC. Copyright © 2022. All rights reserved. Company registered in Ireland No. 693460.
    Registered Office: Whitworth Road, Drumcondra, Dublin 9. Tel: +353 1 224 8086