Many users prefer convenience to security even with DigiD

E-Government Survey Report 2019 published

Last month, the Dutch government published the report of its latest survey of electronic government. The report provided further evidence of the security and login paradox highlighted by our own survey of Trends in Online Security & e-Identity. Even if people recognise that a given login method is less secure, they will still use it if it's convenient.

84 per cent of logins don't involve 2FA

Data on DigiD and two-factor authentication (2FA) confirms that the vast majority of logins are single-factor. Dutch consumers regard DigiD as one of the most secure ways of logging in, especially if a second authentication factor is involved. Yet very few of them actually opt for 2FA: 84 per cent of DigiD logins are made using only one factor.

DigiD app has the biggest reach

What makes reluctance to use 2FA particularly surprising is that a DigiD app is readily available. In our mobile-dominated communications landscape, apps are the way of reaching a big audience. And the DigiD app has been the most widely installed Dutch government app since summer 2018, when 7.9 per cent of the public were found to have it on their phones. By the end of last year, the figure topped 10 per cent. Nevertheless, only 3 per cent of logins make use of the app. In other words, the app's popularity hasn't led to more secure login behaviour.

Ignorance and convenience

Part of the explanation is that a disproportionately large number of people accessing government services do so using PCs and laptops, rather than mobile devices. Another issue is that many people don't realise that they can use 2FA. Much of the problem, however, is that people simply prefer convenience. The use of 2FA is rarely mandatory, and single-factor authentication is less trouble.

Big gap between awareness and behaviour

DigiD is used mainly for accessing government services. Our research shows that a sizeable majority of consumers are aware of 2FA and want to use it; only 6 per cent of respondents described it as unnecessary. In practice, though, they rarely opt for 2FA. So there's a big gap between awareness and behaviour: consumers have the knowledge, but don't act on it.


  • Thursday 27 June 2019

    About SIDN

    Wanted: the best internet theses


    Could you win one of the Internet Thesis Awards for 2019?

    Read more
  • Monday 19 March 2018

    About SIDN

    It's thanks to standards that the internet works


    A magazine packed with interviews and case studies on the use of open standards

    Read more
  • Tuesday 17 December 2019

    Internet security

    Internet security standards: targets aren't being met


    Forum for Standardisation puts pressure on government organisations and vendors

    Read more


Your browser is too old to optimally experience this website. Upgrade your browser to improve your experience.