Designing resilient authentication for Login.gov users


Background

When I joined Login.gov, I was assigned to Team Katherine, which oversees account creation and management. Our team was tasked with improving the authentication setup experience to increase comprehension and adoption of more secure authentication methods, improving both the security and the recoverability of user accounts.

My Role

I led the UX and content design efforts, partnered closely with product and research, designed and prototyped test directions, and synthesized usability findings into recommendations that shipped to improve account creation success and security.

The Challenge

In 2021, Login.gov required at least one Multi-Factor Authentication (MFA) method. The previous labeling system, which designated MFA methods as more or less secure, made common options like one-time phone codes seem unsafe.
Furthermore, users could only set up one MFA method during account creation and often didn't realize they could add more later. Having only one MFA method increases the risk of being locked out, which then requires the account to be deleted and recreated.

Our challenge was then to enable users to:
  1. Confidently choose MFA methods
  2. Recover when an MFA method fails

Part 1: Making authentication understandable

Prior usability studies found that the labeling negatively affected user confidence in their authentication method choice. Most users did not know what authentication apps or security keys were and felt their phone may not be a strong way to secure their account.

Our team needed to design a new authentication setup flow that:
  • Increased user confidence in their MFA method selection
  • Bettered user understanding of MFA methods
  • Decreased user time to making an MFA selection

Methodology

My design lead, Julia Solórzano, and I conducted unmoderated usability testing to learn more about how end users select MFA methods. The test was performed via UserTesting.com. Participants independently walked through a series of tasks and questions as they navigated 2 interactive prototypes.

The team conducted 12 usability tests in 2 groups using 2 prototypes that showed both design versions in different orders, in order to diminish recency/primacy bias.

Prototype A - Illustration Layout

To give new users more context, I wanted to provide them with illustrations that accompanied each authentication method. The hypothesis was that users could scan through the options faster to make a decision.

Prototype B - Questionnaire Layout

Using the principle of progressive disclosure, I wanted to have users select one or more devices in a list instead of having to read through each authentication option. The hypothesis was that users would have an easier time selecting the devices they were familiar with before being presented with authentication options.

Usability Testing Insights

All participants were able to successfully select an authentication method and comprehend how it secured their Login.gov account.

8 out of 12 participants preferred the “Illustration” direction over the “Questionnaire” direction since it offers descriptions up front.
"I'm going to go with the first one (Illustration) since it has helpful little descriptions underneath... For me I know what it means but I'm sure other people could find it helpful."

4 of 6 participants from Group B had positive comments on the Illustration layout.
"This page is providing more descriptive info as to what each icon represents. It's explaining what they are and how it works."

4 participants from Group A and 1 participant from Group B had positive comments on the Questionnaire layout.
"This layout (Questionnaire) is really nice and straightforward, I don't have to scroll to see all of the options which is nice especially if I was on a smaller screen."

Part 1: Outcomes & Impacts

We selected the "Illustration" authentication page, despite good feedback for both options, since participants felt it offered better upfront context. The "Questionnaire" was less successful, as some participants found it unclear what each device actually was.
From January to February 2022 the account creation success rate was 83.7%. In March 2022, after the launch of the redesigned MFA setup page, the success rate improved to 92.8%.
Though improving comprehension increased successful account creation, research and support data showed a second failure point: users who set up only one authentication method were still vulnerable to account lockout.

Part 2: Designing for resilience

After we removed the labels, added the new illustrations, and simplified the MFA descriptions, we still had to solve the problem of users getting locked out of their account when they lost access to their only MFA method.

For this round of work, our goals were to:
  • Increase the number of users who add a second method
  • Decrease the number of account lockouts
  • Decrease the number of Login.gov support tickets

Methodology

We conducted 12 unmoderated usability tests via UserTesting.com.
We used a developer sandbox site instead of a prototype to get a better understanding of how people would move through the actual account creation and MFA selection process.

Enable MFA multi-select

Our first move was to switch the radio buttons to checkboxes. This minor change subtly indicates to users that they can select more than one MFA method tile.
We then added the text "We recommend you select at least (2) two different options in case you lose one of your methods." to explain the risk of having only one MFA method.

Add an interstitial MFA upsell page

In order to capture users who selected only one MFA method, we decided to add an interstitial "upsell" page after a user successfully sets up their first authentication method.
The page further emphasizes that adding another MFA method would prevent them from being locked out of their account if they lose one of their methods.

The MFA selection and setup flow

The video below shows the interstitial upsell screen appearing only when a user selects a single MFA method. The primary call to action, "Add another method", takes the user back to the authentication selection page to add another method.
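To make the flow logic concrete, here is a small model of the enrollment steps described above: checkbox (multi-select) semantics on the selection page, the rule that the interstitial upsell appears only when exactly one method has been set up, and a defender's check of whether losing one method would lock the user out. This is an added example, not Login.gov code; the method tile names, the minimum-method threshold and the sample session are constructed for illustration.

```python
"""Toy model of the MFA enrollment flow described above.

Added example, not Login.gov code. The tile names, the threshold of two
methods and the sample session are constructed assumptions.
"""
from dataclasses import dataclass, field

RECOMMENDED_MIN_METHODS = 2  # "We recommend you select at least two options"

# Constructed catalogue of method tiles on the selection page (assumption).
METHOD_TILES = ("phone_sms", "auth_app", "security_key", "backup_codes")


@dataclass
class EnrollmentSession:
    selected: list = field(default_factory=list)    # ticked checkboxes
    configured: list = field(default_factory=list)  # methods fully set up

    def select(self, *methods):
        """Checkbox semantics: several tiles may be ticked at once."""
        for m in methods:
            if m not in METHOD_TILES:
                raise ValueError(f"unknown method tile: {m}")
            if m not in self.selected:
                self.selected.append(m)

    def complete_setup(self, method):
        """Mark a selected method as successfully verified/set up."""
        if method not in self.selected:
            raise ValueError("method was never selected")
        if method not in self.configured:
            self.configured.append(method)


def should_show_upsell(session):
    """The interstitial appears only when fewer than the recommended number
    of methods are set up and no other selected method is still pending."""
    pending = [m for m in session.selected if m not in session.configured]
    return len(session.configured) < RECOMMENDED_MIN_METHODS and not pending


def lockout_risk(session, lost_method):
    """Resilience check: which methods remain usable after losing one."""
    remaining = [m for m in session.configured if m != lost_method]
    return {"remaining": remaining, "locked_out": len(remaining) == 0}


def next_step(session):
    """What the flow shows next: 'setup:<method>', 'upsell', or 'done'."""
    for m in session.selected:
        if m not in session.configured:
            return f"setup:{m}"
    if should_show_upsell(session):
        return "upsell"
    return "done"


def run_single_method_path():
    """Walk the path of a user who ticks one tile, sees the upsell,
    accepts the 'Add another method' call to action and adds a second."""
    s = EnrollmentSession()
    s.select("phone_sms")
    s.complete_setup("phone_sms")
    first = next_step(s)            # upsell: only one method configured
    s.select("backup_codes")        # user returns to the selection page
    second = next_step(s)           # setup of the newly ticked method
    s.complete_setup("backup_codes")
    return first, second, next_step(s), lockout_risk(s, "phone_sms")


if __name__ == "__main__":
    print(run_single_method_path())
```

In this model a user who ticks two tiles up front never sees the interstitial, because the second method is still pending and the flow proceeds straight to its setup; the upsell is reserved for the single-method case, matching the behaviour the page describes.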

Usability Testing Insights

All participants chose Phone/SMS as an MFA method. Of those participants:

  • 7 of 12 participants selected 2 MFA methods on the first selection screen.
  • 7 of 12 participants who selected and set up Phone/SMS ended up with that as their only MFA method.
    “Let's just go with a simple one with our phone number, and we'll only do one of those [MFA methods].”
  • 5 of 12 participants selected only 1 MFA method on the first selection screen.
    “I did not select more than one 'cause that would drive me crazy! I'm more concerned about forgetting all my passwords than security as much as I probably shouldn't.”

Part 2: Outcomes & Impacts

The text "We recommend you select two (2) MFA methods..." led a majority of participants to select at least two MFA methods, suggesting a good starting point for increasing adoption of multiple MFA methods.
After Login.gov released the multi-select MFA feature and interstitial upsell page on July 14, 2022, the share of new users with two or more MFA methods at account creation rose from 3.6% (June 2022) to 34.5% (November 2022), marking a 30.9% increase. This reduced the likelihood of users getting locked out.
Subsequent efforts involved notifying existing single-MFA users to add another method, both after sign-in and via email.

System-level Impacts

This work addressed two common points where users are most likely to lose access to government services: confusion during authentication setup, and lockout caused by having only a single authentication method.
By designing clearer MFA selection and encouraging redundancy early in account creation, we improved both successful enrollment and long-term account reliability.
The result is an authentication system that prioritizes access, trust, and resilience, thereby preventing usability failures that have real consequences for the people who rely on Login.gov to access their benefits and services.
