Overview
A multi-stakeholder security application designed to make two-factor authentication feel effortless without compromising the trust signals users need when protecting sensitive accounts. The design challenge was resolving the fundamental tension between security — which users associate with complexity — and the simplicity required for daily habitual use.
The Challenge
Most authenticator apps are designed by security engineers, not UX designers. The resulting experiences are functional but hostile — dense information hierarchies, unclear account creation flows, and zero onboarding guidance leave users anxious about whether they've set things up correctly. This anxiety drives users toward less secure alternatives or, worse, toward disabling 2FA entirely. The product risk wasn't just poor retention — it was users abandoning security best practices.
The Solution
We mapped the full emotional journey of a first-time 2FA user — from skepticism and confusion through to confident daily use — and designed the onboarding flow to address each anxiety state sequentially. Account creation was broken into a progressive disclosure flow that revealed complexity only when necessary, dramatically reducing cognitive load at setup. Visual hierarchy was rebuilt to surface the time-sensitive OTP code as the undisputed primary action, with all secondary features receding until needed. The result is an experience that feels calm and trustworthy — qualities that are not incidental in a security product, but strategically essential.
Process
How we approached it
User Flow
Key user journey
Impact
