Two-factor authentication, popularly known as 2FA, is a multi-factor authentication method requiring users to add a second factor to authenticate their identity.
If a password gets breached, there’s an additional level of security to prevent total account loss.
Statistics reveal that two-factor authentication is higher among employed than unemployed individuals. It also shows that 32.4% have set 2FA across all their applications, with the prevalence rate growing to 79% in 2021.
Below are two-factor authentication statistics for a broader view of this authentication method.
Top 5 Two-Factor Authentication Statistics (Editor’s Pick)
- The global passwordless authentication market in 2022 was valued at $15.6 billion.
- 84% of companies worldwide in 2022 used passwords as their primary security factor.
- As of April 2023, 158 companies globally use Google Authenticator as a two-factor authentication tool.
- In April 2023, RSA SecurlD dominates the two-factor authentication software market with a 42.89% market share.
- The technology industry in 2023 has 743 customers using two-factor authentication technology.
Infographic

General Two-Factor Authentication Statistics
1. The prevalence rate of two-factor authentication in 2021 grew to 79%.
There was a 26% rise in the prevalence rate of 2FA from 53% in 2019 and 28% in 2017.
2. In 2021, the two-factor authentication adoption rate was 60% among users aged 65+.
In comparison, adoption was 75% for users between 25 and 34.
Age | Adoption Rate |
---|---|
18 to 24 | 72% |
25 to 34 | 75% |
35 to 44 | 75% |
45 to 54 | 69% |
55 to 64 | 74% |
65+ | 60% |
3. Two-factor adoption was 19% higher in employed individuals than in unemployed in 2021.
The 2FA adoption rate in employed and unemployed individuals was 79% and 60%, respectively.
4. 32.4% of individuals adopted two-factor authentication across all their applications.
Meanwhile, 37.9% of them adopted 2FA on some applications. Only 29.6% did not adopt it on any of their applications.
5. In 2021, SMS accounted for 85.2% of second factors used in two-factor authentications.
Meanwhile, Email and mobile passcode came second and third at 74.3% and 44.4%, respectively.
Second Factor Type | Adoption Rate |
---|---|
SMS | 85.2% |
74.3% | |
Mobile Passcode | 44.4% |
Push Notifications | 35.7% |
Phone Callback | 28.7% |
Security Key | 9.7% |
Hardware Token | 8.1% |
6. 53.4% of individuals in 2021 were willing to adopt SMS as a second factor in two-factor authentications for new accounts.
Meanwhile, those willing to adopt email were 20.2%. Hardware tokens came last at 1.1%.
Second Factor Type | Adoption Rate for New Accounts |
---|---|
SMS | 53.4% |
20.2% | |
Mobile Passcode | 9.9% |
Phone Callback | 6.6% |
Push Notifications | 5.6% |
Security Key | 3.3% |
Hardware Token | 1.1% |
7. 2.6% of active Twitter accounts in 2021 enabled at least one two-factor authentication method.
This accounted for a 6.3% rise from 2.5% in the previous period.
8. In 2021, SMS comprised 74.4% of two-factor authentication used on Twitter accounts.
Authenticator apps and security keys comprised 28.9% and 0.5% of 2FA methods, respectively.
9. Total losses from account takeover attacks in 2021 totaled $11.4 billion.
These attacks increased by 307% between 2019 and 2021.

10. By the end of 2021, Google automatically enrolled 150 million users into their two-factor authentication security verification.
They also planned to require over 2 million YouTube Creators to turn it on.
Two-Factor Authentication Password Statistics
11. 46% of enterprises in 2021 found compromised credentials as one of the biggest concerns when dealing with static passwords.
In comparison, 35% of those who chose to go passwordless (biometric) claimed biometric data storage was their biggest concern.
12. In 2021, 77% of enterprises in India were willing to implement a passwordless strategy (biometric, pin, smart cards) in their organization.
Meanwhile, 65% and 63% of enterprises in Singapore and Australia were willing.
On the other hand, 39% of enterprises in Japan were unwilling to go passwordless.
Region | Share of Enterprises Ready to Go Passwordless | Region | Share of Enterprises Least Likely to Go Passwordless |
---|---|---|---|
India | 77% | Japan | 39% |
Singapore | 65% | Germany | 34% |
Australia | 63% | UAE | 33% |
13. The global passwordless authentication market in 2022 was valued at $15.6 billion.
In 2020 and 2021, the passwordless authentication market was valued at $10.3 and $12.8 billion, respectively. The market is forecasted to hit $53.6 billion in 2030.
14. 84% of companies worldwide in 2022 used passwords as their primary security factor.
This percentage accounted for an 11% drop from 95% in 2021. Likewise, the use of biometrics as a security factor dropped from 45% in 2021 to 34% in 2022.
Security Factor | 2022 | 2021 |
---|---|---|
Passwords | 84% | 95% |
Security Question | 56% | 68% |
SMS, Voice, Email OTP | 52% | 60% |
Software OTP | 41% | 43% |
Push Authenticator | 35% | 13% |
Biometrics | 34% | 45% |
Hardware OTP | 30% | 17% |
Security Key | 16% | 21% |
15. In 2021, there was a 60% password reuse rate.
70% of users who had experienced a breach continued to reuse a compromised password. 1.7 million accounts had ‘2021’ in their password, while the number one reused plaintext password was “password.”
Two-Factor Authentication Statistics by Industry
16. As of April 2023, 158 companies globally use Google Authenticator as a two-factor authentication tool.
Currently, Google Authenticator has a market share of 5.20%. Top industries using it include Artificial intelligence, Machine Learning, and Cloud Computing.
The other three include Fintech, healthcare, and IoT.
17. In April 2023, RSA SecurlD dominates the two-factor authentication software market with a 42.89% market share.
Clef and Symantec VIP come in second and third with a market share of 16.46% and 7.34%, respectively.
18. 47.13% of companies using two-factor authentication software in April 2023 are from the United States.
The UK and Netherlands take second and third place at 13.54% and 11.20%, respectively.
19. The technology industry in 2023 has 743 customers using two-factor authentication technology.
It dominates, with 743 customers coming from the industry. The professional and financial services industries come second and third, with 547 and 157 customers.
Industry | Share of Customers |
---|---|
Technology | 743 |
Professional Services | 547 |
Financial Services | 157 |
Retail & CPG | 151 |
Media & Telecom | 116 |
Healthcare & Lifesciences | 98 |
20. In 2023, companies with 9 employees and under use the most two-factor authentication tools.
Globally, there are 885 companies with under 9 employees using 2FA tools.
In comparison, those with 20 to 49 employees are 511.
Multiple-Factor Authentication Statistics
21. In 2021, the Philippines' multi-factor authentication volume rose by 154%.
It recorded the highest rise in multi-factor authentication volume compared to other regions, such as India and Canada, which had 80% and 46% growth, respectively.
Region | Increase in Authentication Volume |
---|---|
Philippines | +154% |
India | +80% |
Canada | +46% |
UK | +40% |
Australia | +21% |
US | +11% |
22. Multi-factor authentication volume in Israel in 2021 dropped by 70%.
Israel had the most significant drop in MFA volume compared to other regions.
The Netherlands registered the lowest decline of 11%.
Region | Decrease in Authentication Volume |
---|---|
Netherlands | -11% |
China | -20% |
Czechia | -25% |
Belarus | -37% |
Iceland | -40% |
Israel | -70% |
23. The global multi-factor authentication market grew to 13 billion.
The overall MFA market has risen from a low of $2.82 billion in 2016 to a high of 12.9 billion in 2022. It is projected that the market will grow to 26.7 billion in 2027.
Year | Global MFA Market Size |
---|---|
2016 | $2.82 billion |
2017 | $3.92 billion |
2018 | $5.51 billion |
2019 | $7.59 billion |
2020 | $9.45 billion |
2021 | $11.37 billion |
2022 | $12.9 billion |
24. 80% of organizations in the EMEA region in 2022 had already implemented multi-factor authentication.
MFA implementation in the APAC and NA regions was 76% and 72%, respectively.
Region | Implemented MFA | Implementing MFA in the Next 12 to 18 Months |
---|---|---|
APAC | 76% | 27% |
EMEA | 80% | 25% |
NA | 72% | 29% |
25. In 2021, 57.8% of companies used Authenticator Apps for multi-factor authentication.
Meanwhile, SMS code and secondary email comprised 39.1% and 14.7% of MFA usage by companies, respectively. 57.8% of companies used authenticator apps.
Multi-Factor Authentication Type | Share of Companies Using It |
---|---|
Authenticator application | 57.8% |
SMS code | 39.1% |
One Time Password (OTP) | 37.4% |
Hardware security key | 30% |
Secondary Email | 14.7% |
Other | 7.3% |
26. 22% of individuals in the US and the UK in 2021 did not use multi-factor authentication as they had no idea how to.
Meanwhile, 24% found it too complicated, and 13% felt it interfered with productivity.
Reason for Not Using MFA | Percentage |
---|---|
Too difficult | 24% |
No idea how to | 22% |
Understand the risk but not the problem behind the risk | 18% |
Don’t care | 15% |
Conflicts with productivity | 13% |
Other | 8% |
27. 56.7% of companies in 2021 had an authentication app when a breach occurred.
In comparison, only 6.7% of companies using secondary email as an MFA type experienced a breach.
Type of MFA in Place | Share of Companies Using It |
---|---|
Authentication app | 56.7% |
One-time password | 13.3% |
SMS Code | 13.3% |
Hardware Security Key | 10% |
Secondary Email | 6.7% |
28. 42% of companies in 2021 cited cost as a barrier when adopting multi-factor authentication.
Meanwhile, 48% felt it was challenging to integrate with current systems, 26% thought it required too many resources to deploy and manage, and 49% cited poor user experience.
Two-Factor Authentication Device Statistics
29. Invalid device users caused 22.6% of authentication failures in 2021.
Meanwhile, 14.8% of these authentications failed because of out-of-date devices.
In total, 7.6% of all authentication attempts failed globally.

Get an Additional Layer of Security
Having a second form of authentication drastically decreases an attacker’s chances of gaining access to your accounts. While it might not always be effective, these statistics prove it has a great success rate – and it’s easy enough to implement!
If you found these statistics helpful, check out our other roundup of password statistics.
- https://duo.com/assets/ebooks/the-2021-duo-trusted-access-report.pdf
- https://www.statista.com/statistics/1342107/global-multi-factor-authentication-market-size/
- https://www.statista.com/statistics/1290586/passwordless-authentication-global-market-size/
- https://www.statista.com/statistics/1300241/security-factors-used-by-companies/
- https://www.statista.com/statistics/1342527/global-deployment-level-of-mfa-system-by-region/
- https://www.statista.com/statistics/1305655/global-mfa-usage-by-companies/
- https://www.statista.com/statistics/1305250/reasons-for-not-using-mfa-us-uk/
- https://duo.com/assets/ebooks/state-of-the-auth-2021.pdf
- https://www.statista.com/statistics/1343836/global-mfa-adoption-obstacles-by-companies/
- https://transparency.twitter.com/en/reports/account-security.html#2021-jul-dec
- https://6sense.com/tech/two-factor-authentication/google-authenticator-market-share
- https://6sense.com/tech/two-factor-authentication
- https://www.telesign.com/fraud-prevention/account-takeover-fraud?utm_source=google&utm_medium=paid_search&utm_campaign=Digital+Identity+-+EMEA
- https://blog.google/technology/safety-security/making-sign-safer-and-more-convenient/
- https://f.hubspotusercontent20.net/hubfs/3791228/2022%20SpyCloud%20Annual%20Identity%20Exposure%20Report.pdf