Das, SanchariWang, BingxingKim, AndrewCamp, L. Jean2020-01-042020-01-042020-01-07978-0-9981331-3-3http://hdl.handle.net/10125/64411With technological advancements, traditional single-factor authentication methods, such as passwords, have become more vulnerable to cyber-threats. One potential solution, multi-factor authentication (MFA), enhances security with additional steps of verification. Yet, MFA has a slow adoption rate among users, and frequent data breaches continue to impact online and real-world services. Little research has investigated users' understanding and usage of MFA while specifically focusing on the their mental models and social behaviors in a work setting. We conducted semi-structured interviews with 28 individuals (11 experts, 17 non-experts), while focusing on their risk perceptions, MFA usage, and understanding of required technologies. We identified that experts treated MFA as a useful added layer of authentication, while non-experts did not perceive any additional benefits of using MFA. Both non-experts and experts expressed frustration with MFA usage, often referring to it as a 'chore.' Based on these findings, we make several actionable recommendations for improving the adoption, acceptability, and usability of MFA tools.10 pagesengAttribution-NonCommercial-NoDerivatives 4.0 InternationalDesigning for Digitalhuman factors of privacy and securitymental modelsmulti-factor authenticationpassworduser experience.Conference Paper10.24251/HICSS.2020.669