System design guide
Two-factor door access requires two different categories of evidence—such as something a user has and something they know—not simply presenting the same credential twice. It can improve assurance at selected high-risk openings, but indiscriminate use creates queues and workarounds.

Where this approach fits
Consider it where a risk assessment shows that a lost or lent card alone is insufficient, such as limited high-value, critical or sensitive rooms. It may be unnecessary at routine circulation doors. Define whether both factors are required every time, only after hours or only for particular user groups.
Design the complete opening and interface
Common combinations include card plus PIN or mobile credential plus device authentication, subject to verified product behaviour. Reader layout, accessibility, gloves, privacy at keypad entry and transaction time affect usability. Avoid PINs derived from employee numbers or shared among a team.
Plan safety, failure and exceptions
Plan forgotten PINs, lost credentials, lockout, duress procedures, controller or reader faults and emergency entry. A fallback that routinely bypasses the second factor defeats the design. Emergency egress must remain independent of successful authentication.
Administration and ongoing ownership
Enrol both factors through an authorised identity process and revoke them together when access ends. Monitor excessive failures without assuming every error is hostile. Review whether the added control is still proportionate and whether staff are propping doors to avoid it.
Two-factor requirements
| Area | Decision |
|---|---|
| Factors | Are two different factor categories actually used? |
| Scope | Which doors, users and times justify the added assurance? |
| Enrolment | How is identity checked before both factors are issued? |
| Failure | What happens after lost card, forgotten PIN or reader fault? |
| Accessibility | Can every authorised user complete the transaction? |
| Revocation | Are both factors disabled through one leaver process? |
Design the exception workflow
For Two Factor Access, normal authorised use is only one test. Document the lost credential, unavailable administrator, communications outage, power issue, user who cannot use the preferred method and opening that does not return to its secure state. Name who responds and what they may safely do.
Acceptance evidence
- Current models, firmware, software and licences
- Approved door, user and permission schedule
- Normal, denied and exception test results
- Power, network and service-failure behaviour
- Integration cause-and-effect results
- Administrator roles, backups and update ownership
- Known limitations and outstanding actions
Questions to resolve
Is two-factor door access suitable for every property?
For Two Factor Access, no. Suitability depends on the operating need, physical equipment, safety duties, administration and verified product compatibility.
What information is needed to quote two-factor door access?
For Two Factor Access, provide the relevant openings, users, schedules, exception cases, interfaces, site constraints and required failure behaviour.
Who should participate in a two-factor door access design review?
For Two Factor Access, include the client’s security or facilities owner and installer; IT, building, fire, lift, gate or privacy specialists may also be required depending on this design.
How should two-factor door access be tested at handover?
For Two Factor Access, test normal authorised use, denial, representative exceptions, monitoring, integrations and agreed failure conditions without creating an unsafe state.
Which two-factor door access claims need human confirmation?
For Two Factor Access, product capabilities, site-specific compliance, safety interfaces and any privacy or legal statements require current specialist review.
Discuss the operating requirement
Share plans or photographs, user groups, normal and exceptional journeys, integrations and known building constraints. Serious Security can assess projects in Sydney and Melbourne.


