The Emotional Impact of Multi-Factor Authentication for University Students

Abilene Christian University recently rolled out multi-factor authentication (MFA) to the entire student body. Previous work has found frequent negative reactions and dissent experienced in university settings in regard to MFA. This can lead to decreased compliance or the use of less secure passwords to compensate. We hypothesize these responses are tied to the emotional impact of using required MFA for critical tasks. We present an empirical study on user perception of adopting two-factor authentication (n=465). Our findings indicate that, due to the time sensitive nature of many tasks that required MFA, university students are likely to experience strong negative emotions towards MFA that drastically lower their perceptions of its utility and usability. However, our findings also show that these negative emotions can be at least partially mitigated when users feel more personally secure due to MFA, which can in part be controlled by rollout strategy and communication.