Two-Factor Authentication (2FA)
Definition
Two-factor authentication (2FA) is a specific type of multi-factor authentication (MFA) that strengthens access security by requiring two methods (also referred to as authentication factors) to verify your identity. These factors can include something you know (like a password), something you have (like a phone or hardware key), and something you are (like a fingerprint).
Why It Matters
2FA provides a massive security improvement over passwords alone. Even if an attacker steals your password, they cannot access your account without also having your second factor, such as your physical phone.
Contextual Example
When logging into your email, after entering your password, you are prompted to enter a 6-digit code that was just sent to your phone via a text message. This is a common form of 2FA.
Common Misunderstandings
- All 2FA is MFA, but not all MFA is 2FA (MFA could require three or more factors).
- SMS-based 2FA is better than nothing, but it is considered less secure than app-based authenticators (TOTP) or hardware security keys due to the risk of SIM-swapping attacks.