25+ Two-Factor Authentication Statistics, Facts, & Trends

We are reader supported and may earn a commission when you buy through links on our site. Learn more.

Two-factor authentication, popularly known as 2FA, is a multi-factor authentication method requiring users to add a second factor to authenticate their identity.

If a password gets breached, there’s an additional level of security to prevent total account loss.

Statistics reveal that two-factor authentication is higher among employed than unemployed individuals. It also shows that 32.4% have set 2FA across all their applications, with the prevalence rate growing to 79% in 2021.

Below are two-factor authentication statistics for a broader view of this authentication method.

Top 5 Two-Factor Authentication Statistics (Editor’s Pick)

  • The global passwordless authentication market in 2022 was valued at $15.6 billion.
  • 84% of companies worldwide in 2022 used passwords as their primary security factor.
  • As of April 2023, 158 companies globally use Google Authenticator as a two-factor authentication tool.
  • In April 2023, RSA SecurlD dominates the two-factor authentication software market with a 42.89% market share.
  • The technology industry in 2023 has 743 customers using two-factor authentication technology.

Infographic

top 5 two factor-authentication statistics
Share This Image On Your Website
				
					<a href="https://vpnalert.com/resources/two-factor-authentication-statistics/" target="_blank" data-wpel-link="internal"><img src="https://vpnalert.com/wp-content/uploads/2023/05/top-5-two-factor-authentication-statistics.png" alt="Top 5 Two-Factor Authentication Statistics" width="768" border="0" height="775.04" loading="lazy" fetchpriority="low" srcset="https://vpnalert.com/wp-content/uploads/2023/05/top-5-two-factor-authentication-statistics-768x775.png 768w, https://vpnalert.com/wp-content/uploads/2023/05/top-5-two-factor-authentication-statistics-297x300.png 297w, https://vpnalert.com/wp-content/uploads/2023/05/top-5-two-factor-authentication-statistics-1015x1024.png 1015w, https://vpnalert.com/wp-content/uploads/2023/05/top-5-two-factor-authentication-statistics-150x150.png 150w, https://vpnalert.com/wp-content/uploads/2023/05/top-5-two-factor-authentication-statistics.png 1200w" sizes="auto"></a>
				
			

General Two-Factor Authentication Statistics

1. The prevalence rate of two-factor authentication in 2021 grew to 79%.

There was a 26% rise in the prevalence rate of 2FA from 53% in 2019 and 28% in 2017.

2. In 2021, the two-factor authentication adoption rate was 60% among users aged 65+.

In comparison, adoption was 75% for users between 25 and 34.

Age Adoption Rate
18 to 24 72%
25 to 34 75%
35 to 44 75%
45 to 54 69%
55 to 64 74%
65+ 60%

3. Two-factor adoption was 19% higher in employed individuals than in unemployed in 2021.

The 2FA adoption rate in employed and unemployed individuals was 79% and 60%, respectively.

4. 32.4% of individuals adopted two-factor authentication across all their applications.

Meanwhile, 37.9% of them adopted 2FA on some applications. Only 29.6% did not adopt it on any of their applications.

5. In 2021, SMS accounted for 85.2% of second factors used in two-factor authentications.

Meanwhile, Email and mobile passcode came second and third at 74.3% and 44.4%, respectively.

Second Factor Type Adoption Rate
SMS 85.2%
Email 74.3%
Mobile Passcode 44.4%
Push Notifications 35.7%
Phone Callback 28.7%
Security Key 9.7%
Hardware Token 8.1%

6. 53.4% of individuals in 2021 were willing to adopt SMS as a second factor in two-factor authentications for new accounts.

Meanwhile, those willing to adopt email were 20.2%. Hardware tokens came last at 1.1%.

Second Factor Type Adoption Rate for New Accounts
SMS 53.4%
Email 20.2%
Mobile Passcode 9.9%
Phone Callback 6.6%
Push Notifications 5.6%
Security Key 3.3%
Hardware Token 1.1%

7. 2.6% of active Twitter accounts in 2021 enabled at least one two-factor authentication method.

This accounted for a 6.3% rise from 2.5% in the previous period.

8. In 2021, SMS comprised 74.4% of two-factor authentication used on Twitter accounts.

Authenticator apps and security keys comprised 28.9% and 0.5% of 2FA methods, respectively.

9. Total losses from account takeover attacks in 2021 totaled $11.4 billion.

These attacks increased by 307% between 2019 and 2021.

account takeover attacks losses
Share This Image On Your Website
				
					<a href="https://vpnalert.com/resources/two-factor-authentication-statistics/" target="_blank" data-wpel-link="internal"><img src="https://vpnalert.com/wp-content/uploads/2023/05/account-takeover-attacks-losses.png" alt="Account Takeover Attacks Losses" width="768" border="0" height="378.45010323469" loading="lazy" fetchpriority="low" srcset="https://vpnalert.com/wp-content/uploads/2023/05/account-takeover-attacks-losses-768x378.png 768w, https://vpnalert.com/wp-content/uploads/2023/05/account-takeover-attacks-losses-300x148.png 300w, https://vpnalert.com/wp-content/uploads/2023/05/account-takeover-attacks-losses-1024x505.png 1024w, https://vpnalert.com/wp-content/uploads/2023/05/account-takeover-attacks-losses.png 1453w" sizes="auto"></a>
				
			

10. By the end of 2021, Google automatically enrolled 150 million users into their two-factor authentication security verification.

They also planned to require over 2 million YouTube Creators to turn it on.   

Two-Factor Authentication Password Statistics

11. 46% of enterprises in 2021 found compromised credentials as one of the biggest concerns when dealing with static passwords.

In comparison, 35% of those who chose to go passwordless (biometric) claimed biometric data storage was their biggest concern.

12. In 2021, 77% of enterprises in India were willing to implement a passwordless strategy (biometric, pin, smart cards) in their organization.

Meanwhile, 65% and 63% of enterprises in Singapore and Australia were willing.

On the other hand, 39% of enterprises in Japan were unwilling to go passwordless.

Region Share of Enterprises Ready to Go Passwordless Region Share of Enterprises Least Likely to Go Passwordless
India 77% Japan 39%
Singapore 65% Germany 34%
Australia 63% UAE 33%

13. The global passwordless authentication market in 2022 was valued at $15.6 billion.

In 2020 and 2021, the passwordless authentication market was valued at $10.3 and $12.8 billion, respectively. The market is forecasted to hit $53.6 billion in 2030.

14. 84% of companies worldwide in 2022 used passwords as their primary security factor.

This percentage accounted for an 11% drop from 95% in 2021. Likewise, the use of biometrics as a security factor dropped from 45% in 2021 to 34% in 2022.

Security Factor 2022 2021
Passwords 84% 95%
Security Question 56% 68%
SMS, Voice, Email OTP 52% 60%
Software OTP 41% 43%
Push Authenticator 35% 13%
Biometrics 34% 45%
Hardware OTP 30% 17%
Security Key 16% 21%

15. In 2021, there was a 60% password reuse rate.

70% of users who had experienced a breach continued to reuse a compromised password. 1.7 million accounts had ‘2021’ in their password, while the number one reused plaintext password was “password.”     

Two-Factor Authentication Statistics by Industry

16. As of April 2023, 158 companies globally use Google Authenticator as a two-factor authentication tool.

Currently, Google Authenticator has a market share of 5.20%. Top industries using it include Artificial intelligence, Machine Learning, and Cloud Computing.

The other three include Fintech, healthcare, and IoT.

17. In April 2023, RSA SecurlD dominates the two-factor authentication software market with a 42.89% market share.

Clef and Symantec VIP come in second and third with a market share of 16.46% and 7.34%, respectively.

18. 47.13% of companies using two-factor authentication software in April 2023 are from the United States.

The UK and Netherlands take second and third place at 13.54% and 11.20%, respectively.

19. The technology industry in 2023 has 743 customers using two-factor authentication technology.

It dominates, with 743 customers coming from the industry. The professional and financial services industries come second and third, with 547 and 157 customers.

Industry Share of Customers
Technology 743
Professional Services 547
Financial Services 157
Retail & CPG 151
Media & Telecom 116
Healthcare & Lifesciences 98

20. In 2023, companies with 9 employees and under use the most two-factor authentication tools.

Globally, there are 885 companies with under 9 employees using 2FA tools.

In comparison, those with 20 to 49 employees are 511.

Multiple-Factor Authentication Statistics

21. In 2021, the Philippines' multi-factor authentication volume rose by 154%.

It recorded the highest rise in multi-factor authentication volume compared to other regions, such as India and Canada, which had 80% and 46% growth, respectively.

Region Increase in Authentication Volume
Philippines +154%
India +80%
Canada +46%
UK +40%
Australia +21%
US +11%

22. Multi-factor authentication volume in Israel in 2021 dropped by 70%.

Israel had the most significant drop in MFA volume compared to other regions.

The Netherlands registered the lowest decline of 11%.

Region Decrease in Authentication Volume
Netherlands -11%
China -20%
Czechia -25%
Belarus -37%
Iceland -40%
Israel -70%

23. The global multi-factor authentication market grew to 13 billion.

The overall MFA market has risen from a low of $2.82 billion in 2016 to a high of 12.9 billion in 2022. It is projected that the market will grow to 26.7 billion in 2027.

Year Global MFA Market Size
2016 $2.82 billion
2017 $3.92 billion
2018 $5.51 billion
2019 $7.59 billion
2020 $9.45 billion
2021 $11.37 billion
2022 $12.9 billion

24. 80% of organizations in the EMEA region in 2022 had already implemented multi-factor authentication.

MFA implementation in the APAC and NA regions was 76% and 72%, respectively.

Region Implemented MFA Implementing MFA in the Next 12 to 18 Months
APAC 76% 27%
EMEA 80% 25%
NA 72% 29%

25. In 2021, 57.8% of companies used Authenticator Apps for multi-factor authentication.

Meanwhile, SMS code and secondary email comprised 39.1% and 14.7% of MFA usage by companies, respectively. 57.8% of companies used authenticator apps. 

Multi-Factor Authentication Type Share of Companies Using It
Authenticator application 57.8%
SMS code 39.1%
One Time Password (OTP) 37.4%
Hardware security key 30%
Secondary Email 14.7%
Other 7.3%

26. 22% of individuals in the US and the UK in 2021 did not use multi-factor authentication as they had no idea how to.

Meanwhile, 24% found it too complicated, and 13% felt it interfered with productivity.

Reason for Not Using MFA Percentage
Too difficult 24%
No idea how to 22%
Understand the risk but not the problem behind the risk 18%
Don’t care 15%
Conflicts with productivity 13%
Other 8%

27. 56.7% of companies in 2021 had an authentication app when a breach occurred.

In comparison, only 6.7% of companies using secondary email as an MFA type experienced a breach.

Type of MFA in Place Share of Companies Using It
Authentication app 56.7%
One-time password 13.3%
SMS Code 13.3%
Hardware Security Key 10%
Secondary Email 6.7%

28. 42% of companies in 2021 cited cost as a barrier when adopting multi-factor authentication.

Meanwhile, 48% felt it was challenging to integrate with current systems, 26% thought it required too many resources to deploy and manage, and 49% cited poor user experience. 

Two-Factor Authentication Device Statistics

29. Invalid device users caused 22.6% of authentication failures in 2021.

Meanwhile, 14.8% of these authentications failed because of out-of-date devices.

In total, 7.6% of all authentication attempts failed globally.

authentication failures by invalid device users
Share This Image On Your Website
				
					<a href="https://vpnalert.com/resources/two-factor-authentication-statistics/" target="_blank" data-wpel-link="internal"><img src="https://vpnalert.com/wp-content/uploads/2023/05/invalid-device-users-authentication-failures.png" alt="Authentication Failures by Invalid Device Users" width="768" border="0" height="378.45010323469" loading="lazy" fetchpriority="low" srcset="https://vpnalert.com/wp-content/uploads/2023/05/invalid-device-users-authentication-failures-768x378.png 768w, https://vpnalert.com/wp-content/uploads/2023/05/invalid-device-users-authentication-failures-300x148.png 300w, https://vpnalert.com/wp-content/uploads/2023/05/invalid-device-users-authentication-failures-1024x505.png 1024w, https://vpnalert.com/wp-content/uploads/2023/05/invalid-device-users-authentication-failures.png 1453w" sizes="auto"></a>
				
			

Get an Additional Layer of Security

Having a second form of authentication drastically decreases an attacker’s chances of gaining access to your accounts. While it might not always be effective, these statistics prove it has a great success rate – and it’s easy enough to implement!

If you found these statistics helpful, check out our other roundup of password statistics

References:
  1. https://duo.com/assets/ebooks/the-2021-duo-trusted-access-report.pdf
  2. https://www.statista.com/statistics/1342107/global-multi-factor-authentication-market-size/
  3. https://www.statista.com/statistics/1290586/passwordless-authentication-global-market-size/
  4. https://www.statista.com/statistics/1300241/security-factors-used-by-companies/
  5. https://www.statista.com/statistics/1342527/global-deployment-level-of-mfa-system-by-region/
  6. https://www.statista.com/statistics/1305655/global-mfa-usage-by-companies/
  7. https://www.statista.com/statistics/1305250/reasons-for-not-using-mfa-us-uk/
  8. https://duo.com/assets/ebooks/state-of-the-auth-2021.pdf
  9. https://www.statista.com/statistics/1343836/global-mfa-adoption-obstacles-by-companies/
  10. https://transparency.twitter.com/en/reports/account-security.html#2021-jul-dec
  11. https://6sense.com/tech/two-factor-authentication/google-authenticator-market-share
  12. https://6sense.com/tech/two-factor-authentication
  13. https://www.telesign.com/fraud-prevention/account-takeover-fraud?utm_source=google&utm_medium=paid_search&utm_campaign=Digital+Identity+-+EMEA
  14. https://blog.google/technology/safety-security/making-sign-safer-and-more-convenient/
  15. https://f.hubspotusercontent20.net/hubfs/3791228/2022%20SpyCloud%20Annual%20Identity%20Exposure%20Report.pdf