News and Insights

OTPs, apps, keys: can strong authentication ever sound simple?

January 27, 2026

In this blog, you will learn:

1. How authentication has evolved to provide stronger protection against cybercrime
2. The challenge of communicating advanced authentication simply
3. Top tips for simplifying authentication and encouraging adoption.

 

Authentication must be strong to protect data and assets, but users want it to be practically invisible. One-time password (OTP) technology is more secure, but it sounds like a hassle. After all, remembering a password is difficult enough. This is the challenge of communicating strong authentication. Consumers and businesses need it, but they won’t necessarily be motivated to use it.

Strong but simple: the user authentication conundrum

Authentication has evolved, and technology with it, but this presents brands with an ongoing challenge: how to communicate the benefits of strong authentication without alienating the audience.

It all began with passwords, but they’re not particularly strong. Advice encourages us to use strong passwords, and to have a different one for each service, but still we see statistics like:

• 80% of people in the UK reuse passwords
• France’s top three passwords are ‘admin’, ‘123456’ and ‘password’
• Germany ranks number one for the riskiest password habits.

Unfortunately, weak cybersecurity in all its forms, including poor password practices, has consequences. The global average cost of a data breach stands at USD 4.4M whilst people in the UK lost over £1 billion to all types of bank fraud in 2024.

No business wants to suffer a costly and damaging breach; no individual wants to lose their life’s savings to a hacker.

Enter more advanced ways to verify users and protect systems, applications and devices from unauthorised access. Multi-factor authentication (MFA), single sign-on, social sign-on, biometrics, security keys and more—there is a positive smorgasbord of options.

These methods are stronger, but they can take more effort and many people are put off simply by the thought of a technology-based solution.

Six authentication communications challenges

Businesses need employees to embrace strong authentication; service providers, including banks and healthcare institutions, need consumers to do the same. However, this objective butts heads with users’ desire for a simple life in which online access is easy, quick and intuitive. In between, sit communicators, striving to:

1. Promote security and simplicity

Communicators must promote the advanced capabilities of more secure solutions but communicate them in such a way that they feel approachable and intuitive.

2. Understand the audience

Business leaders need to understand how advanced authentication solutions will protect their data, reduce security risks and improve workflows, whilst consumers want to know how technologies will protect their digital lives without adding complexity.

3. Tackle security fatigue

Over half (54%) of office workers surveyed by CybSafe said they often or sometimes ignore important cybersecurity alerts and warnings due to information overload. Security fatigue can lead to disengagement, especially if messaging around authentication feels overly complex or irrelevant.

4. Communicate outcomes over features

Customers—both businesses and consumers—need to know how authentication technologies will make their lives easier or their operations more secure.

5. Be realistic

Authentication helps protect but it cannot eliminate threats. Communicators must be honest and back up assurances but not over-inflate security claims.

6. Stand out to users

Cybersecurity is a crowded market. Brands need simple messaging and must communicate tangible benefits clearly to stand out.

How to simplify authentication and encourage user adoption

Communicators must walk the fine line between explaining robust security measures and promoting a seamless, user-friendly experience.

Tips to achieve this include:

– understanding audience needs
– tailoring messaging according to pain points
– presenting tangible outcomes
– being visible when audiences are motivated to improve authentication.

Sophisticated security needn’t be intimidating, but it must be communicated in ways that audiences accept it as accessible, valuable and necessary.

How FINN Partners can help

FINN Partners’ technology team specialises in creating impactful communications to help you achieve your business goals. Get in touch and find out how we can help with your PR needs.

FINN Partners’ paper, Are we overcomplicating authentication? examines how to avoid the communications pitfalls of authentication and resonate with audiences.

 

Frequently Asked Questions

1. Why do businesses and consumers need strong authentication?

Weak cybersecurity in all its forms, including poor password practices, has consequences. The global average cost of a data breach stands at USD 4.4M whilst people in the UK lost over £1 billion to all types of bank fraud in 2024. Strong user authentication techniques include multi-factor authentication (MFA), single sign-on, social sign-on, biometrics and security keys.

2. Why do users sometimes resist strong authentication?

Stronger forms of authentication can take more effort; many people are put off simply by the thought of a technology-based solution. To tackle these challenges, a communications strategy must include understanding the audiences and their needs and communicating outcomes over features.

3. How can I communicate strong authentication to encourage adoption?

Ten top tips include understanding the audience’s needs, tailoring messages according to pain points, presenting tangible outcomes and being visible at the time audiences are motivated. Find all tips in Are we overcomplicating authentication?.

DOWNLOAD WHITEPAPER

• Share this page on Facebook
• Share this page on LinkedIn
• Share this page on Twitter

• TAGS:

• Technology

POSTED BY: Charlotte Martin