top of page

Improving security adoption while reducing account theft
 

Role: UX Designer

Timeline: ~6 months after release

Context: SaaS security & authentication


Outcome:

  • 340k+ new 2FA activations 

  • 90% reduction in stolen accounts

The Context

At Locaweb, the technical support team started reporting a growing number of customer complaints related to account takeovers and loss of access.

At the same time, the adoption rate of two-factor authentication (2FA), a key security feature, remained low.
This combination highlighted a critical risk: customers were relying solely on weak passwords, leaving their accounts vulnerable.

The company also had a broader security goal of encouraging safer authentication practices while reducing the support load caused by compromised accounts.

The Problem

Although 2FA was available, the existing activation flow created barriers that discouraged users from enabling it.

The main challenges were:

  • Low 2FA adoption

  • Increased reports of stolen accounts

  • Over-reliance on passwords as the only security layer

From a UX perspective, the issue was not the lack of a security feature, but the experience of activating it.

Project Goals

The project aimed to:

  • Increase adoption of 2FA as an additional security layer

  • Reduce fraud and account theft incidents

  • Decrease the volume of support tickets related to compromised accounts

The success would be measured by adoption, security outcomes, and support impact.

My Role

I worked in collaboration with a senior designer and design leadership, alongside Product Management, Engineering, Security, and Support teams.

My main responsibilities were:

  • Mapping the existing 2FA activation flow

  • Identifying usability and experience issues

  • Designing a more intuitive and flexible activation experience

  • Prototyping the new flow using Locaweb’s Design System (the previous flow did not follow it)

I had autonomy to propose structural changes and explore multiple solution approaches.

2FA Activation Redesign

Existing Experience (Before)

The original 2FA activation flow presented several usability issues:

  • Unfriendly and technical language

  • Limited flexibility, offering only one authentication method

  • Mandatory use of an authentication app, which became a critical barrier for many users

This lack of choice and clarity significantly reduced adoption and limited the effectiveness of the security feature.

Process & Methods

To understand and improve the experience, I used:

  • Flow mapping to document the existing activation journey and identify friction points

  • Benchmark analysis of 2FA activation flows from other market players, analyzing both good practices and common pitfalls

  • Internal validation and UX-focused QA, ensuring usability, clarity, and consistency before release

These methods allowed us to redesign the experience while respecting technical and security constraints.

Key Design Decisions

1. Improving UX writing and guidance

The activation flow was redesigned with clearer language, explaining the importance of each step and helping users understand why 2FA matters.

This created a more effective walkthrough and reduced uncertainty during setup.

2. Offering multiple verification methods

Instead of forcing a single authentication method, the new flow introduced multiple verification options.

This gave users more control, reduced friction, and increased the likelihood of adoption without compromising security.

3. Applying the Design System to the flow

The new experience was fully built using Locaweb’s Design System.

This improved:

  • Visual consistency across products

  • Accessibility

  • Overall usability and trust in the interface

Final Solution

The redesigned 2FA activation flow provided:

  • Clearer instructions and feedback

  • More flexibility in verification methods

  • A consistent, accessible interface aligned with the rest of the product ecosystem

The experience was designed to make security feel approachable rather than intimidating.

Impact & Results

Within approximately the first six months after release:

  • 340,000+ users activated 2FA

  • 90% reduction in reported stolen accounts

In the first two months, support tickets related to access difficulties temporarily increased due to the activation incentive.
However, this was fully mitigated through customer education initiatives, and support demand stabilized shortly after.

Overall, the redesign improved both security outcomes and operational efficiency.

Learnings

This project reinforced several key lessons:

  • Solving security problems requires strong collaboration across multiple teams

  • Security-related UX issues must be prioritized by criticality

  • Flow analysis and benchmarking are powerful tools to guide design decisions

  • Consistency through a Design System plays a major role in usability, accessibility, and trust

Why This Project Matters

This project demonstrates how UX design can directly impact security, business metrics, and customer trust, not just interface quality.

bottom of page