Two-factor authentication (2FA) is one of the widely adopted authentication methods used in almost all the latest technologies. However, 2FA methods such as one-time passcodes (OTPs) can be inaccessible for blind and low vision (BLV) people due to the requirement of multiple steps, apps and/or devices for authentication and, pose security risks as screen readers may read out the verification codes to bystanders. I propose this study which was conducted in three parts. Part one of the study focused on exploring and understanding accessibility challenges faced by BLV users when using 2FA methods. Through a survey with 62 participants (34 had used 2FA methods while 28 never used 2FA methods) and follow-up interviews with 10 participants, I present the findings that illustrate the challenges BLV users face while using 2FA methods and the measures they take to overcome those challenges. In part two of the study, I present Haptic2FA, an accessible 2FA method where ‘haptic patterns’ (similar to OTPs) are used as verification codes and I explore three different input methods for entering the haptic pattern as part of the 2FA process. With a usability study with 10 BLV participants, I discuss the accessibility and usability of the Haptic2FA method’s process, haptic patterns and input methods. Finally, part three of the study, consisting of 10 sighted participants who acted as shoulder surfers and aural eavesdroppers, explored Haptic2FA’s resilience against these attacks.

Publication Date


Document Type


Student Type


Degree Name

Human-Computer Interaction (MS)

Department, Program, or Center

Information, School of


Golisano College of Computing and Information Sciences


Roshan Peiris

Advisor/Committee Member

Garreth Tigwell

Advisor/Committee Member

Tae Oh


This thesis has been embargoed. The full-text will be available on or around 1/2/2025.


RIT – Main Campus

Available for download on Wednesday, January 01, 2025