Over the past decade, there have been some welcome shifts in how additional needs, both physical and mental, are recognised and accommodated.
From cinemas offering relaxed screenings, to video games providing increased accessibility settings, to workplaces speaking more openly about mental health and neurodiversity, awareness has undoubtedly grown.
However, inclusion is still too often seen as an afterthought. Those who do understand its value know it is part of good design, good culture, and good outcomes. Cyber security is one area, for example, that still lags behind the conversation.
Security tools are often designed with a narrow idea of the ‘typical user’ in mind, prioritising technical robustness over usability or accessibility. Consequently, disabled people are disproportionately impacted by cyber crime.
According to recent research, 76% of disabled users are more likely to experience online harm, compared to 64% of non-disabled users, and neurodivergent people are 50% more likely to experience cyber attacks than their peers.
Yet the reality is that everyone deserves to feel confident and capable when using digital systems.
Exploring how assistive tech intersects with cyber security is an important step toward making digital safety truly inclusive.
Why accessibility matters in cyber security
Cyber security tools sit right at the intersection of protection and participation. If a tool is difficult to use, confusing to navigate, or incompatible with accessibility features, users are more likely to avoid it or bypass it altogether. That behaviour doesn’t just affect the individual; it can weaken an organisation’s overall security posture.
Accessible design is not about lowering standards or simplifying security at the expense of protection. Rather, it’s about enabling people to engage with security tools confidently and consistently.
When tools work well with assistive technologies, offer clear interfaces, and reduce unnecessary cognitive load, they support better security outcomes for everyone. In this sense, assistive tech becomes an enabler of resilience, not a compromise.
Password managers: Balancing security and usability
A password manager is software that makes it easy for users to create unique, strong passwords for all their accounts, without having to remember them.
One master password is created, and users simply enter this to retrieve the information when they need it.
Well-known examples include Google Password Manager, NordPass and KeePass.
Password managers are widely recognised as a best-practice security control, yet their effectiveness relies heavily on usability. For users with visual impairments, motor difficulties, or cognitive differences, poorly designed password managers can create real barriers.
For example, people with ADHD, dyslexia, or learning disabilities soon discover that password managers with complex settings or poor prompting are just something else to be interpreted. They might revert to storing information in unsafe places or reusing the same login details for every account.
More accessible options, such as 1Password, Bitwarden, KeePass and Proton Pass, tend to share common features. These include strong compatibility with screen readers, logical tab order for keyboard navigation, and clear labelling of fields and buttons.
Some tools also offer dyslexia-friendly fonts, adjustable text sizes, and uncluttered layouts that reduce visual overload.
From a cognitive accessibility perspective, clear prompts, consistent language, and straightforward workflows make a significant difference. A password manager that explains what is happening, rather than assuming prior technical knowledge, supports a wider range of users.
Multi-factor authentication and alternative inputs
Multi-factor authentication (MFA) adds a crucial layer of protection, but it can also introduce friction if not designed inclusively. For some users, traditional MFA methods such as SMS codes or app-based push notifications can be challenging, particularly if they rely on screen readers, voice control, or alternative input devices.
For example, users may experience unnecessary stress due to time-sensitive challenges, resulting in them abandoning the login attempt altogether.
More inclusive MFA solutions offer flexibility. This might include support for hardware security keys that require minimal interaction, biometric options that avoid repeated code entry, or authenticator apps that integrate well with built-in accessibility settings on devices. Clear error messages and the ability to retry without penalty are also important for reducing stress and confusion.
Well-designed MFA acknowledges that users interact with technology in different ways. By accommodating those differences, organisations reduce the risk of workarounds while maintaining strong security controls.
Security apps and simplified interfaces
Beyond authentication, many organisations rely on security apps for endpoint protection or incident alerts. These tools often prioritise technical detail, which can unintentionally exclude users who benefit from simpler, more focused interfaces.
Accessibility-aware security apps such as iProov and Microsoft Authenticator typically offer clean dashboards, clear visual hierarchies, and the option to hide advanced features that are not relevant to everyday use. Colour contrast, icon clarity and plain language explanations all contribute to a more inclusive experience.
For users with anxiety or attention-related challenges, reducing unnecessary alerts and presenting information calmly can be just as important as technical accuracy. Assistive tech plays a role here, too, ensuring that notifications and controls remain accessible across devices and platforms.
Dyslexia-friendly design and cognitive accessibility
Dyslexia and other cognitive differences are often overlooked in cyber security design. Dense text and cluttered interfaces can make even simple tasks feel incredibly overwhelming. Security tools that consider cognitive accessibility help users engage without fear of making mistakes.
Features like consistent layouts, clear spacing, readable fonts, and concise instructions support a broader range of users. Some tools even allow users to customise their interface, adjusting colours or layouts to suit individual preferences. These adjustments strengthen adoption and encourage correct usage.
Incorporating assistive tech considerations into design acknowledges that cognitive effort is a real factor in security behaviour.
The business and ethical case for inclusive security tools
The human case for prioritising accessible design in cyber security tools is clear: independently inputting private information and using protective features reduces the need to rely on unsafe workarounds, or avoid digital services altogether.This has a knock-on effect on someone’s ability to live independently.
Inclusion also improves job prospects, because designing tools that people can use confidently breaks down barriers to career progression and financial stability. Greater representation in cyber security from the neurodivergent community is hugely important to the future development of cyber security tools, too, with lived experience driving more innovative, safer solutions all around.
From a business perspective, accessible cyber security tools reduce risk. When employees understand and trust the tools they are asked to use, compliance improves and support tickets decrease. This is particularly important for organisations with diverse workforces, hybrid working, or staff using different devices and input methods.
Inclusive design also supports regulatory and ethical responsibilities. As organisations place greater emphasis on wellbeing, equality, and social responsibility, accessible cyber security becomes part of a wider commitment to doing the right thing.
Businesses maintain compliance with equality legislation, such as the Web Content Accessibility Guidelines (WCAG) and build their reputation as trusted service providers who value their customers’ diverse needs.
Importantly, inclusive security tools benefit everyone, not just those with declared additional needs. Clearer interfaces, simpler workflows, and better compatibility improve usability across the board.
Moving towards inclusive cyber resilience
Exploring assistive tech in cyber security tools is not about perfection, but progress. The industry is moving in the right direction, but there is still work to do. Providers, developers, and organisations all play a role in asking better questions about accessibility and demanding better outcomes.
When evaluating cyber security solutions, it’s worth considering not only what a tool protects against, but who it enables to participate safely and confidently. Compatibility with assistive technologies, flexibility in authentication, and thoughtful interface design are true indicators of mature, resilient security.
At Net-Defence, cyber resilience is about people as much as technology. Through our collaboration with Passion4Social CIC, we are promoting the true role of inclusive design and assistive tech in cyber security.
They are not a “nice to have” or an afterthought. They are essential to independent living, creating opportunities, and ensuring we can all access digital spaces safely.
By embedding accessibility into their strategies, organisations can protect systems while supporting the individuals who rely on them every day.
Contact us or Passion4Social today to find out how we can help your organisation.
