LITTLE ROCK, Ark. -- Amid concern foreign governments could interfere in the 2020 general election, a new survey finds state voter-registration databases are more secure than in 2018.
Almost twice as many states now require multi-factor authentication and passwords that are at least eight characters long, and nearly all states are monitoring voter-registration database log-in attempts.
Executive Director of the Center for Election Innovation and Research David Becker said voter-registration databases drive almost every aspect of elections.
"Whenever someone wants to vote by mail, that information is checked against their voter file, their voter registration record. When someone goes to check-in at a polling place, they are checked against their voter registration record. If someone receives information about upcoming elections, that's all based on the voter registration record," Becker said.
Arkansas first instituted a statewide voter-registration system in the mid-1990s that relied on county clerks to maintain and update voter information. After Congress passed the Help America Vote Act in 2002, the state moved to a more secure, centralized system controlled by the Secretary of State's Office.
According to a June 2020 report from the Secretary of State, there are currently more than 1.7 million registered voters in Arkansas.
Becker said the U.S. Department of Homeland Security has evidence Russia briefly infiltrated Illinois' state voter registration database in 2016.
"If a bad actor wanted to change data, delete people's records or change their records, it could really impact their ability to successfully vote," he said. "So, you also have to have the ability to detect intrusion and detect it quickly so you can shut it down, as happened in 2016 with the Illinois database."
He added after the incident, many states began backing up their databases on a daily basis, and training election officials on how to identify cyberthreats.
"And fortunately, we've seen the trend in 2020 continue toward more and more security," he said. "More and more states have much better security around using multi-factor authentication and better passwords, for instance. More states are checking the activity that's occurring in their voter registration databases to see if anything looks like it's not quite right."
To maintain cybersecurity, the survey does not disclose specific state responses, but notes some states reported not monitoring or auditing their voter registration database input forms. At least six states said they do not use multi-factor authentication to restrict access.