Cisco’s Duo Labs Examines Two-Factor Authentication Practices

Cisco Systems’ Duo Labs released its third-ever “State of the Auth” report, examining aspects of – and perceptions of – two-factor authentication (2FA) practices in the U.S. and U.K.. Of note, just 32 percent of respondents report using 2FA on “all applications” when available.

Still, about 79 percent of those surveyed use some form of two-factor authentication in 2021 (compared to 2019’s 53 percent).

SMS (85 percent) led the way as the most commonly requested factor, followed by email (74 percent). Duo also noted that, while SMS is more secure than not employing 2FA whatsoever, push notifications and security keys are more effective in preventing penetration.

Banking apps (93 percent) continued to lead the way in terms of most-important applications requiring 2FA security.

Also of note, 42 percent reported using biometric authentication for “at least some applications,” with a separate Duo study indicating that top concerns with the method includes attacker replication (42 percent) and biometric information misuses by the organization (36 percent).

The report examined responses from 520 U.K. and 519 U.S. respondents representing companies of various sizes, sectors and operational types, with those surveyed, respectively, reporting a 77 percent and 67 percent 2FA adoption rate.