Two-factor authentication has been introduced in order to enhance security in authentication systems. Different factors have been introduced, which are combined for means of controlling access. The increasing demand for high security applications has led to a growing interest in biometrics. As a result several two-factor authentication systems are designed to include biometric authentication. In this work the risk of result distortion during performance evaluations of two-factor authentication systems including biometrics is pointed out. Existing approaches to two-factor biometric authentication systems are analyzed. Based on iris biometrics a case study is presented, which demonstrates the trap of untruly increasing recognition rates by introducing a second authentication factor to a biometric authentication system. Consequently, several requirements for performance evaluations of two-factor biometric authentication systems are stated.