Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

2FA: Navigating the Challenges and Solutions for Inclusive Access

Alexander Lengert

TL;DR

The paper addresses the tension between strong online security and accessibility for users with disabilities. It analyzes current 2FA methods across platforms, highlighting a lack of standardization and diverse accessibility challenges. The authors discuss future directions such as autofill and FIDO2 passkeys to improve inclusivity while acknowledging privacy and security trade-offs. They advocate for cross stakeholder collaboration to ensure security enhancements do not compromise accessibility, aiming for a digital environment where security and inclusion reinforce each other.

Abstract

The digital age requires strong security measures to protect online activities. Two-Factor Authentication (2FA) has emerged as a critical solution. However, its implementation presents significant challenges, particularly in terms of accessibility for people with disabilities. This paper examines the intricacies of deploying 2FA in a way that is secure and accessible to all users by outlining the concrete challenges for people who are affected by various types of impairments. This research investigates the implications of 2FA on digital inclusivity and proposes solutions to enhance accessibility. An analysis was conducted to examine the implementation and availability of various 2FA methods across popular online platforms. The results reveal a diverse landscape of authentication strategies. While 2FA significantly improves account security, its current adoption is hampered by inconsistencies across platforms and a lack of standardised, accessible options for users with disabilities. Future advancements in 2FA technologies, including but not limited to autofill capabilities and the adoption of Fast IDentity Onlines (FIDO) protocols, offer possible directions for more inclusive authentication mechanisms. However, ongoing research is necessary to address the evolving needs of users with disabilities and to mitigate new security challenges. This paper proposes a collaborative approach among stakeholders to ensure that security improvements do not compromise accessibility. It promotes a digital environment where security and inclusivity mutually reinforce each other.

2FA: Navigating the Challenges and Solutions for Inclusive Access

TL;DR

The paper addresses the tension between strong online security and accessibility for users with disabilities. It analyzes current 2FA methods across platforms, highlighting a lack of standardization and diverse accessibility challenges. The authors discuss future directions such as autofill and FIDO2 passkeys to improve inclusivity while acknowledging privacy and security trade-offs. They advocate for cross stakeholder collaboration to ensure security enhancements do not compromise accessibility, aiming for a digital environment where security and inclusion reinforce each other.

Abstract

The digital age requires strong security measures to protect online activities. Two-Factor Authentication (2FA) has emerged as a critical solution. However, its implementation presents significant challenges, particularly in terms of accessibility for people with disabilities. This paper examines the intricacies of deploying 2FA in a way that is secure and accessible to all users by outlining the concrete challenges for people who are affected by various types of impairments. This research investigates the implications of 2FA on digital inclusivity and proposes solutions to enhance accessibility. An analysis was conducted to examine the implementation and availability of various 2FA methods across popular online platforms. The results reveal a diverse landscape of authentication strategies. While 2FA significantly improves account security, its current adoption is hampered by inconsistencies across platforms and a lack of standardised, accessible options for users with disabilities. Future advancements in 2FA technologies, including but not limited to autofill capabilities and the adoption of Fast IDentity Onlines (FIDO) protocols, offer possible directions for more inclusive authentication mechanisms. However, ongoing research is necessary to address the evolving needs of users with disabilities and to mitigate new security challenges. This paper proposes a collaborative approach among stakeholders to ensure that security improvements do not compromise accessibility. It promotes a digital environment where security and inclusivity mutually reinforce each other.

Paper Structure

This paper contains 24 sections, 5 figures, 2 tables.

Table of Contents

  1. Introduction
  2. Understanding 2fa and Accessibility
  3. Two-Factor Authentication (2fa)
  4. Accessibility Norms
  5. Disability Types
  6. Visual Impairment
  7. Hearing Impairment
  8. Motor Impairment
  9. Cognitive Impairment
  10. Challenges in Implementing 2fa for People with Disabilities
  11. Perceivability
  12. Operability
  13. Understandability
  14. Robustness
  15. Choice and Availability
  16. ...and 9 more sections

Figures (5)

  • Figure 1: Examples of 2fa settings of some popular websites on the internet: (a) Amazon's 2fa settings contain totp without backup codes and SMS. (b) Yahoo's 2fa settings contain Push, sms, totp with backup codes, and u2f/fido. (c) Wikipedia's 2fa settings are not available with a normal user account. (d) X's 2fa settings contain sms, totp with backup codes, and u2f/fido.
  • Figure 2: totp setup in Twilio Authy.
  • Figure 3: totp autofill functionality demo. https://lngrt.de/totp-autofill-demo
  • Figure 4: Prompt for fido authentication.
  • Figure 5: Passkey set up in Bitwarden.