L1 North Tower, 527 Gregory Terrace

Fortitude Valley,

QLD 4006

Overcome User Resistance to Multi-Factor Authentication With These Tips

Overcome User Resistance to Multi-Factor Authentication With These Tips

Most companies understand the importance of multi-factor authentication (MFA) for securing their cloud accounts. Employees these days have so many different passwords that making unique strong passwords for all of them is usually a tall order.

What’s more common is for employees to reuse passwords across multiple accounts and create weak, easy-to-remember passwords. This leaves company accounts for cloud services at risk and is why MFA is needed to reduce cloud account breaches.

The average Australian worker has 66 different passwords to keep up with.

Unfortunately, knowing what should be done for best security practices and actually implementing it are two different things. Many small and mid-sized companies fail to deploy this critical safeguard because users think it’s inconvenient.

Globally, adoption for MFA for enterprises is high but shockingly low for SMBs. According to a study on adoption rates by LastPass, MFA adoption averages are:

  • Enterprises: 87%
  • Medium-sized companies (500-1000 workers): 44%
  • Small businesses: 27%

How can you get more user support for MFA so you can adopt this important cloud-jacking safeguard without resentment or loss of productivity? We have several tips below that can help.

Ways to Gain More Support for MFA Adoption at Your Company

Provide Users With a Choice

When companies implement a new workflow requirement, users will often push back at being asked to change something they do every day. They feel as if they have no choice and thus have no ownership of the new process.

You can decrease resistance by offering a choice in how employees implement the new MFA requirement. Providing an option helps employees feel they at least have a little control.

Some of the options that you could allow employees to choose from include:

  • SMS to receive the MFA code
  • Device app to receive the MFA code
  • Use of a security key that inserts into a device
  • Biometric, like a fingerprint scan for authentication

Add Single Sign-On (SSO) to Improve Convenience

The biggest complaint that users have with adopting MFA is that it’s going to take them more time and be more work for them. If you introduce MFA along with a single sign-on solution, you can nip that complaint in the bud.

SSO applications connect to all your business cloud accounts and allow you to apply a consistent user login experience. Users only need to log in and go through the MFA prompt once to gain access to all their work accounts. This will make the implementation more convenient and give a better user experience.

Keep Users in the Loop Early On

If you come in and tell everyone that today they are to begin using multi-factor authentication, you’ll get a lot more pushback than if you looped users in weeks in advance.

People need time to adjust to the idea of adopting a new workflow and giving them a heads up a few weeks before you implement MFA provides that.

Letting employees know ahead of time, helps them prepare mentally for the change and allows you to engage with them to address concerns and alleviate resistance before going live with the solution.

Prepare a List of “WIIFM” (What’s In It For Me)

There is an entire field designed to help guide people through a business change. It’s called change management and includes tactics of communication and engagement to mitigate resistance and help new company initiatives be more successful.

One of the tactics used in change management is called the WIIFM – this means creating a list of ways that a change will benefit the users (i.e., what’s in it for me?). If employees know how implementing MFA will benefit them personally, in addition to the company, it helps increase understanding and support.

Provide Post-Go-Live User Support for at Least 30 Days

Once you’ve implemented MFA across your business, it’s important to provide user support. It’s just after people adopt a new process that they run into the most issues and road bumps. Problems and complaints coming after a project goes live can cause the new process to be abandoned if those complaints aren’t addressed.

A good rule of thumb is to offer post-go-live support for a new tool or process adoption for at least 30 days. This means to give users a person or helpdesk they can contact when they run into problems with the new process, as well as proactively checking in with them to see how things are going.

Helping users through their first few weeks of using a new process and providing additional training if needed can greatly improve your chances of a successful MFA adoption.

Get Expert Help Smoothly Implementing MFA and Single Sign-On

Connected Platforms can help your Brisbane area business with MFA and SSO solutions that are affordable and effective. 

Contact us for a free consultation. Call (07) 3062 6932 or book a coffee meeting online.

More blog posts

Duo of hoody wearing hackers trying to illegally access information | Featured image for Types of Hacker Attacks – Understanding Business Risk Blog on Connected Platforms.

Types of Hacker Attacks – Understanding Business Risk

As a business owner, one of the fundamental elements of owning your own business is understanding what risks you are going to be subject to. This is more so important for those businesses that rely heavily on internet-based software and programs, online data storing, and any sort of communications that take place using online connections.

Call Now Button