Two-Factor Authentication

Two-factor authentication (2FA)

Two-factor authentication is an effective way to make sure users are really who they say they are.

It is one of the best ways to protect against remote attacks, such as:

  • phishing
  • brute-force attacks
  • credential exploitation
  • password-stealing malware
  • attempts to takeover your accounts

Two-Factor Authentication Methods

Each 2FA method has its own advantages for different types of users.
2FA strengthens access security by requiring two methods (also referred to as factors) to verify your identity. These factors can include something you know - like a username and password, plus something you have that is unique to you - like a smartphone app to approve authentication requests.
Without your physical device, remote attackers can’t pretend to be you in order to gain unauthorized access to corporate networks, cloud storage, financial information, etc. stored in applications.  2FA thereby allows you easy access to your accounts while protecting against phishing, social engineering and password brute-force attacks and secures your logins from attackers exploiting weak or stolen credentials.
By integrating two-factor authentication with your applications, attackers are unable to access your accounts without possessing your physical device needed to complete the second factor.

Push Notifications

Verify your identity by approving a push notification from an authentication mobile app on your smartphone or wearable.

Phone Callbacks

This method calls your phone and waits for you to pick up and press any key to authenticate before granting you access to your account.

Security Tokens

Using a hardware token, you can press a button to verify. This device is programmed to generate a passcode that you must type into your two-factor prompt.

TOTP

Time-based one-time passcodes (TOTP) are similar to SMS, where a two-factor authentication app can generate new, unique passcodes for you to type into the two-factor prompt. 

SMS Passcodes

A unique passcode is sent to your phone via SMS that you must type into your two-factor prompt.

U2F Device

Universal 2nd Factor (U2F) is an authentication standard that uses an authenticator (a USB hardware device) and a server. A user authenticates by tapping the device inserted into their computer’s USB drive.