Online security behaviour: factors influencing intention to adopt two-factor authentication

Mitch Holmes*, Jacques Ophoff*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Two-factor authentication (2FA) is a protective technology designed to increase the security of online accounts. The enhanced security is achieved by using two layers of authentication to facilitate a login process so that should one layer become compromised (e.g. a password), the second layer will still ensure that the account is protected. Considering the prevalence of cybercrime and in particular, password attacks, it is important to examine the behaviour of individuals in terms of the effort they make to protect their online account(s). Studies surrounding 2FA have focused on the various technologies supporting it as well as issues concerning its usability and convenience. In general, users fail to protect themselves online due to the effort that is required. Enhanced security means increased effort and inconvenience, and although risks are present and perceived by Internet users, sufficient effort to protect their online accounts is not made. This study made use of a Protection Motivation Theory (PMT) approach in trying to understand the behaviour of Internet users surrounding their intentions to adopt 2FA to protect their online account(s). The PMT model is adapted to include an additional concept focusing on ‘Technology Awareness’. Empirical data was collected using an online survey, with 209 responses analysed using Partial Least Squares Structural Equation Modelling (PLS-SEM). Results were in line with other protective technology literature in terms of the perception of online threat vulnerability and severity being less significant in determining behavioural intention than the perception of the technology itself. The results show that the perception of (1) the difficulty associated with using the 2FA technology (response costs) and (2) the effectiveness of the 2FA technology (response efficacy) prove to be significant in determining behavioural intention to adopt 2FA as protective technology. Lastly, awareness of online security issues and solutions was relevant in the adapted PMT model and significantly influenced intention.

Original languageEnglish
Title of host publicationProceedings of the 14th International conference on cyber warfare and security, ICCWS 2019
EditorsNoelle van der Waag-Cowling, Louise Leenen
Place of PublicationReading
PublisherAcademic Conferences and Publishing International Limited
Pages123-132
Number of pages10
ISBN (Electronic)9781912764129
ISBN (Print)9781912764112, 9781510882928
Publication statusPublished - 2019
Externally publishedYes
Event14th International Conference on Cyber Warfare and Security - Stellenbosch, South Africa
Duration: 28 Feb 20191 Mar 2019
Conference number: 14th

Publication series

NameProceedings
PublisherAcademic Conferences and Publishing International Ltd.
ISSN (Print)2048-9870
ISSN (Electronic)2048-9889

Conference

Conference14th International Conference on Cyber Warfare and Security
Abbreviated titleICCWS 2019
CountrySouth Africa
CityStellenbosch
Period28/02/191/03/19

    Fingerprint

Cite this

Holmes, M., & Ophoff, J. (2019). Online security behaviour: factors influencing intention to adopt two-factor authentication. In N. van der Waag-Cowling, & L. Leenen (Eds.), Proceedings of the 14th International conference on cyber warfare and security, ICCWS 2019 (pp. 123-132). (Proceedings). Academic Conferences and Publishing International Limited.