Two Factor Authentication or 2FA is a far better method to secure online accounts. It is a lot more secure than the simple username and password combination, but internet users simply refuse to adopt 2FA.
Google had to mandate using 2FA for its subscribers. But if the decision is entirely on users, the adoption rate for Two Factor Authentication is concerningly low.
Twitter Transparency Report reveals abysmally low Two Factor Authentication activation or usage:
The @Twitter transparency report published recently shows a 2.3% adoption rate of two-factor authentication. (ht @BleepinComputer) Here's a guide on how to protect your Twitter account with Bitwarden https://t.co/c4vIKT2fdd
— Bitwarden (@Bitwarden) July 23, 2021
The report claims only 2.3 percent of all active accounts have enabled at least one method of two-factor authentication (2FA). The report is for the July to December 2020 period. Of the 2.3 percent, nearly 80 percent used SMS-based, 30.9 percent opted for Multi-Factor Authentication (MFA) app, and just 0.5 percent chose a standalone security key.
2FA requires users to use a security key or enter a code in conjunction with the standard username and passwords to log into their accounts. Incidentally, Twitter offers multiple options for 2FA.
Twitter's latest transparency report does a lot to put my work into perspective. Only 2.3% of Twitter users had any kind of 2FA enabled on their account at all and 79.6% of them were using SMS. We have so much work left to do and I am tired. https://t.co/Cpwc2swfYf
— Eva (@evacide) July 21, 2021
Simply put, Twitter users can choose to activate one, two, or all three 2FA methods for each account. Interestingly, the numbers may look abysmal, but they are gradually climbing.
The Transparency Report does mention between July and December 2020 more than 9 percent of Twitter users chose to secure their accounts with at least one 2FA method.
Why is the low rate of 2FA adoption an industry-wide issue?
There’s no doubt that 2FA is critical in today’s world. Very poor password hygiene is one of the major causes of account hacks. Hackers merely try their luck with stolen passwords and often break into multiple accounts across several platforms using the same credentials.
Incidentally, SMS-based 2FA isn’t completely safe. SIM-jacking is a common method to reset passwords. Perhaps the most reliable 2FA method is the standalone security keys.
more in this short 👇 pic.twitter.com/bSELtspQSA
— Mark Nunnikhoven (@marknca) July 23, 2021
Some security experts blame complicated opt-in methods as the primary reason behind the low adoption of 2FA. Google, on the other hand, merely started mandating the use of 2FA.
Perhaps better education, awareness, and even routine prompts that take an Internet user directly to the 2FA setting could help increase the number of people opting for 2FA.
Incidentally, the majority of tech giants have steadily added the backend technologies needed to enable 2FA. It is now up to Internet users to actively take charge of securing their accounts.