Everyone’s Talking About MFA. But who’s paying attention to the customer journey and making it easier for users?
If you’ve been to an insurance conference lately, you’ve probably heard the same comments repeatedly: Multi-factor authentication is critical. The message is everywhere from panels, to webinars, to white papers. And the message isn’t wrong. MFA is no longer a nice-to-have; it’s a must-have for protecting customer and policyholder data.
But here’s the thing: Our industry is much better at talking about MFA than it is at making it easy for the people who actually use it.
Why the current approach doesn’t work
Right now, the burden sits squarely on agents, brokers and even policyholders. Every carrier and insurance partner seem to have their own flavor of MFA. That means users are stuck juggling codes and authenticator apps, and jumping through login hoops — often multiple times a day. Instead of feeling secure, they feel frustrated.
And frustration has a price. Agents lose time with clients. IT teams spend their days on endless password resets. Worst of all, some people look for shortcuts to get around the hassle, which puts everyone at greater risk.
It’s time for a shift in perspective. Security doesn’t succeed when it slows people down; it succeeds when it’s almost invisible. Authentication shouldn’t be another obstacle — it should be part of the natural flow of work.
That means asking a different question. Not: “How do we enforce MFA?”
But: “How do we design MFA to be so simple that people hardly notice it’s there?”
This isn’t about weakening protection. It’s about building trust by making strong security easy to live with.
Beyond awareness toward action
We don’t need another panel pointing out why MFA matters. We need real action to simplify how it’s delivered. That means shared frameworks, consistent experiences and solutions that work across carriers and partners so users get one secure, predictable process instead of a dozen different ones.
At ID Federation, we’ve been pushing in this direction with SignOn Once, our industry-wide identity framework. It shows that you don’t have to choose between strong protection and a smooth user experience. You can have both. But if the industry doesn’t commit to ease of use, MFA adoption will never reach its potential.
A challenge to industry leaders
The next time MFA comes up in a boardroom or on a stage, let’s go beyond asking, “Are we secure enough?” Let’s also ask, “Are we making security usable enough?”
Because real leadership isn’t about repeating the problem. It’s about solving it in a way that protects people without punishing them.
