Degree Name



Computer Science


Physical and Mathematical Sciences

Defense Date


Publication Date


First Faculty Advisor

Kent Seamons

First Faculty Reader

Daniel Zappala

Honors Coordinator

Seth Holladay


DUO, 2FA, two-factor authentication, usable security, two-factor, security


Simple password-based authentication provides insufficient protection against increasingly common incidents of online identity theft and data loss. Although two-factor authentication (2FA) provides users with increased protection against attackers, users have mixed feelings about the usability of 2FA. We surveyed the students, faculty, and staff of Brigham Young University (BYU) to measure user sentiment about DUO Security, the 2FA system adopted by BYU in 2017. We find that most users consider DUO to be annoying, and about half of those surveyed expressed a preference for authentication without using a second-factor. About half of all participants reported at least one instance of being locked out of their BYU account because of an inability to authenticate with DUO. Students and faculty generally had more negative perceptions of DUO than staff. We suggest that user sentiment about 2FA may most easily be improved by 1) helping users develop a sense of self-efficacy regarding 2FA and 2) educating users about the risks mitigated by 2FA.