Thinking Twice Before Using 2FA

Why Two-Factor Authentication is Quickly Becoming Obsolete

Two-Factor Authentication (2FA), a form of Multi-Factor Authentication (MFA) or Multi-Step Verification, adds another layer of security. It supplements the username and password model with a code that only a specific user has access to (typically sent to something they have immediately to hand). It has quickly become one of the most valuable security practices a user can implement. This authentication method can be summed up as a combination of “something you have and something you know”.

In 2018, MarketWatch estimated the multifactor authentication market at roughly $6.3 billion and expected it to reach $16.8 billion by 2024, a CAGR of 18%*. The growth of the market is driven by factors such as an increase in data breaches and cyber-attacks, stringent regulation, the growing pressure of data security compliance, and the growing adoption of bring-your-own-device (BYOD) policies among enterprises. Many security practitioners have viewed MFA as an easy panacea for many extremely challenging problems. However, the cost and technical complexity of implementing MFA, along with the increase in MFA use/service time, are expected to inhibit market growth for a short period of time. The continued worldwide concern with digital security will allow the market to grow, but how will security companies adapt when 2FA becomes obsolete?


Harry Baker is a Senior Consultant within DayBlink’s Cybersecurity Center of Excellence.

Michael Morgenstern is a Partner and Practice Lead of DayBlink’s Cybersecurity Center of Excellence and is based in Boston, Massachusetts.
