What is Two-Factor Authentication?
Two-factor authentication (2FA) is a security feature used to gain access to a web-based computer program or application. As the name implies, this process requires more than one piece of evidence to prove that you are who you say you are. That evidence helps confirm a claimed identity by using a combination of two different factors: 1) something you know, 2) something you have, or 3) something you are.
Using two-factor authentication has the potential to greatly reduce the incidence of online identity theft, because the thief would need more than your password to gain access to your computer system or account. It does not hinder attacks known as phishing, man-in-the-browser (usually accomplished by malware in your system), man-in-the-middle attacks (someone within proximity to the Wi-Fi you are using or using other resources to gain access to your system) or ATM skimming. But it is a very important practice for keeping your identity secure.
Examples of two-factor authentication are:
- Using an ATM: the two authenticated pieces of evidence are the card (something you have) and the PIN number (something you now)
- A password or code is generated a smart phone or security token that only the user possesses. Or a onetime code is sent to the registered mobile number or email address (this is frequently used for Gmail accounts).
Several popular web services employ two-factor authentication, including Google and Amazon Web Services. However, it is usually a feature that is not active by default and needs to be manually activated by you. For most online services, you can activate two-factor authentication by going to the Settings and Security options in your account.