Infosec glossary entry

2FA

2FA:
2-factor Authentication

A security process that requires users to provide two different forms of identification before gaining access to an account, system, or device. This method enhances security by combining two categories of authentication factors: something you know (like a password or PIN) and something you have (such as a smartphone, security token, or smart card). By requiring two independent credentials, 2FA significantly reduces the risk of unauthorized access, even if one factor, such as a password, is compromised.

The most common implementation of 2FA involves entering a password (the knowledge factor) and then verifying identity through a second factor (the possession factor), such as a one-time passcode (OTP) sent via SMS or shown in an authentication app, or a hardware security key. This added layer of security makes it much more difficult for cybercriminals to gain unauthorized access to sensitive information, thereby reducing the effectiveness of phishing attacks, credential stuffing, and password leaks. When more than two factors are required, it is referred to as Multi-Factor Authentication (MFA).
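The password-then-OTP flow described above, as an added example that is not part of the original entry: a login check that succeeds only when both factors verify and rejects a replayed code. It assumes the second factor is a time-based OTP (RFC 6238, HMAC-SHA1, 30-second steps); `make_user`, `login` and the account fields are hypothetical names, and the sample account is constructed.

```python
import hashlib, hmac, struct

STEP = 30  # seconds per TOTP time step (RFC 6238 default)

def totp(secret: bytes, counter: int, digits: int = 6) -> str:
    """OTP for one time-step counter (HMAC-SHA1, RFC 4226/6238)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def make_user(password: str, salt: bytes, totp_secret: bytes) -> dict:
    """Constructed account record; a real system keeps this in its user store."""
    return {"salt": salt, "pw_hash": hash_password(password, salt),
            "totp_secret": totp_secret, "last_counter": -1}

def login(user: dict, password: str, otp: str, now: int) -> bool:
    """Grant access only when the password AND a fresh OTP both verify."""
    pw_ok = hmac.compare_digest(hash_password(password, user["salt"]),
                                user["pw_hash"])
    matched = None
    for drift in (-1, 0, 1):  # tolerate one step of clock skew
        counter = now // STEP + drift
        if counter <= user["last_counter"]:
            continue  # this code (or a newer one) was already used: no replay
        expected = totp(user["totp_secret"], counter)
        if hmac.compare_digest(expected.encode(), otp.encode()):
            matched = counter
    if pw_ok and matched is not None:
        user["last_counter"] = matched
        return True
    return False  # same answer whichever factor failed

if __name__ == "__main__":
    # Constructed sample account; the secret is the RFC 6238 test-vector key.
    alice = make_user("correct horse", b"constructed-salt", b"12345678901234567890")
    print(login(alice, "correct horse", "000000", 59))  # password alone is not enough
    print(login(alice, "correct horse", totp(alice["totp_secret"], 1), 59))
```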


is an extra step added to the log-in process, such as a code sent to your phone or a fingerprint scan, that helps verify your identity […]
https://us.norton.com/internetsecurity-how-to-importance-two-factor-authentication.html

By jean-christoph

March 5, 2022

authentication