Experience Designer & Accessibility Champion
Strengthening Login Security Through Mandatory 2FA
Authentication and login experience across multiple SaaS products

My Role
Leading UX Designer

Team
Product Manager, Architect, Developers, UX Manager, Information Development

Status
In development
Glossary
SSO: Single Sign-On
2FA: Two-factor authentication
MFA: Multi-factor authentication
The Problem
While reviewing our login experience, I discovered that users were able to disable their 2FA. This was a significant security risk, but the issue was deeper than that.
Through service blueprinting and flow audits, I uncovered how this vulnerability was being used in practice:
- Partners with admin privileges would disable 2FA for their customers to troubleshoot login issues.
- This created a scenario where users could access products without multi-factor authentication, reducing security and increasing exposure risk.
- The underlying cause was ongoing login friction across different products, each built on varying legacy code.

This problem impacted:
- Security posture of the platform
- User trust
- Support load on partners and internal teams
Hypothesis
By removing the ability to disable 2FA, we would:
- Strengthen overall account security.
- Encourage addressing the real cause of login failures instead of bypassing them.
- Reduce risky workaround behaviours.
Discovery & Research
I conducted a service-level discovery, mapping the current ecosystem of authentication and recovery:
- Service blueprint of end-to-end login flows, authentication and recovery paths, and enable/disable 2FA flows.
- Analysis of 3 months of login-related support issues.
- Competitor flow audits (Miro, Atlassian, Google, Microsoft).
- Multiple discovery workshops with PM, architects, developers, and stakeholders.
- Wireflows and user story development.

Key Complexity
Because our products are built on different legacy codebases, it was impossible to guarantee that disabling 2FA could be blocked consistently across all product entry points. We agreed to create an error message for those instances where a user was still able to see the action.

Final solution
I collaborated closely with our Information Developer to introduce a clear, informative error message that triggers whenever someone finds a workaround to disable 2FA from any product surface. This ensured consistency even without a fully unified platform.
User with enabled 2FA
- No change to the flow. The option to disable is now removed.
User with disabled 2FA
- Required to set up 2FA at next login, with clear messaging.
- If a user attempts to skip setup, they are informed that 2FA is now mandatory.
I collaborated with the Information Developer to refine copy, ensuring clarity and reducing confusion during setup.
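To make the two flows above concrete from an engineering point of view, here is an added illustration of the server-side policy they depend on. It is not the product's own code (the page shows none); the user records, the surface names, the `TwoFactorPolicy` class and the message text are all assumptions made for the example. The point it demonstrates is that the disable action is refused at one central decision point regardless of which product surface or admin privilege sends the request, that the surface is recorded so remaining legacy entry points can be found, and that a user with 2FA disabled cannot obtain a session until enrolment is complete.

```python
"""Added illustration, not the product's own code.

Assumptions (not from the case study): users are plain dicts, product
surfaces are identified by a string, and the message copy is placeholder
text standing in for the Information Developer's wording.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from enum import Enum

# Placeholder copy (assumption); the real wording came from Information Development.
DISABLE_BLOCKED_MSG = "Two-factor authentication is mandatory and cannot be disabled."
SETUP_REQUIRED_MSG = "Two-factor authentication is now mandatory. Set it up to continue."


class LoginOutcome(Enum):
    SIGNED_IN = "signed_in"    # credentials and 2FA both satisfied
    ENROLL_2FA = "enroll_2fa"  # credentials ok, must enrol before a session exists
    BLOCKED = "blocked"        # no session: bad credentials or a refused skip


@dataclass
class PolicyResult:
    allowed: bool
    message: str = ""


@dataclass
class TwoFactorPolicy:
    """Single decision point for 2FA state.

    Every surface (web UI, legacy admin console, partner tooling) routes its
    enable/disable request here instead of writing the flag itself, so a
    forgotten legacy screen or a partner's admin privilege cannot bypass it.
    """
    audit_log: list[dict] = field(default_factory=list)

    def set_two_factor(self, actor: dict, target: dict, enabled: bool, surface: str) -> PolicyResult:
        if enabled:
            target["two_factor_enabled"] = True
            return PolicyResult(True)
        # Disable is refused for everyone, partner admins included. The surface
        # is logged so the team can locate entry points that still show the action.
        self.audit_log.append({
            "actor": actor["id"],
            "target": target["id"],
            "surface": surface,
            "action": "disable_2fa_refused",
        })
        return PolicyResult(False, DISABLE_BLOCKED_MSG)

    def on_login(self, user: dict, credentials_ok: bool, skip_requested: bool = False) -> tuple[LoginOutcome, str]:
        if not credentials_ok:
            return LoginOutcome.BLOCKED, ""
        if user["two_factor_enabled"]:
            return LoginOutcome.SIGNED_IN, ""
        # Password accepted but 2FA is off: enrolment is forced before any session.
        if skip_requested:
            return LoginOutcome.BLOCKED, SETUP_REQUIRED_MSG
        return LoginOutcome.ENROLL_2FA, SETUP_REQUIRED_MSG

    def complete_enrollment(self, user: dict) -> dict:
        # Enrolment completion is the only path that turns the flag on for a
        # previously disabled user; it goes through the same policy object.
        self.set_two_factor(user, user, True, "enrolment-flow")
        return user


def demo() -> dict:
    """Constructed scenario mirroring the case study: a partner admin tries to
    disable a customer's 2FA from a legacy console, then a user with 2FA off logs in."""
    policy = TwoFactorPolicy()
    partner = {"id": "partner-admin-1"}                       # constructed sample
    customer = {"id": "cust-1", "two_factor_enabled": True}   # constructed sample
    refused = policy.set_two_factor(partner, customer, False, "legacy-admin-console")

    user = {"id": "user-2", "two_factor_enabled": False}      # constructed sample
    first_login = policy.on_login(user, credentials_ok=True)
    skip_attempt = policy.on_login(user, credentials_ok=True, skip_requested=True)
    policy.complete_enrollment(user)
    after_enrolment = policy.on_login(user, credentials_ok=True)

    return {
        "disable_refused": not refused.allowed,
        "customer_still_protected": customer["two_factor_enabled"],
        "surface_logged": policy.audit_log[0]["surface"],
        "first_login": first_login[0].value,
        "skip_attempt": skip_attempt[0].value,
        "after_enrolment": after_enrolment[0].value,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The design choice worth noting is that the UI never decides anything: even a surface that still renders a "disable 2FA" control ends up calling `set_two_factor`, receives the informative refusal, and leaves an audit entry naming the surface, which is exactly the signal needed to track down the legacy entry points the case study could not enumerate up front.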
The flows went through multiple iterations based on feedback from:
- Staff and Senior Designers
- Engineering teams
- Architect & PM
Delivery
- Delivered annotated flows and states.
- Provided messaging and interaction copy to the Information Developer.
- Supported cross-team understanding of flow changes.

Status & Outcome
Before release, however, a challenge emerged:
- A Pendo login banner was deployed to announce the change.
- The message was shown to all SSO users, including on-prem users who view their product as separate, leading to confusion and frustration.
- UX was not consulted on this release, and I discovered it after the fact.
I worked with a colleague to:
- Limit the message to exclude on-prem users (technical constraints prevented targeting only users with 2FA disabled).
- Recommend updated messaging with clearer, more precise copy through our Information Development team.
Key learnings
- Cross-team alignment is critical when communicating authentication changes.
- Messaging must be targeted, not broadcast.
- Early UX involvement prevents confusion and avoids negative emotional responses at login.