Our glossary explains basic terms and abbreviations relating to mobile working, the use of smartphones and tablets in the corporate environment (Enterprise Mobility) and security aspects in the use of mobile devices.
Two-factor authentication (2FA), often referred to as two-factor authentification, is a security mechanism used to protect access to digital accounts and systems by introducing an additional layer of security.
Instead of using only a password, as is the case with traditional login methods, two-factor authentication asks for two different factors to verify the identity of users.
Categories of two-factor authentication
The two factors can fall into the following categories:
Something that only the user knows, such as a password, PIN, or answer to a secret question.
Something that users physically own, such as a smartphone, hardware token, or special smart card.
A biometric characteristic of users, such as a fingerprint, iris recognition, or facial recognition.
Two-factor authentication is usually applied as follows: The user first enters their regular password (knowledge factor). Then a second factor is required, which may vary depending on the system and settings. For example, this can be a one-time confirmation code sent to the user’s smartphone via SMS or authentication app (possession factor). Alternatively, biometric identification such as fingerprint or facial recognition (inherent factor) can serve as an additional factor.
Two-factor authentication provides significantly higher security compared to traditional one-factor authentication (password only). Even if attackers obtain a user’s password, they would still not be able to access the account because the second factor is missing. This makes it much more difficult for potential intruders to gain unauthorized access to sensitive data, personal accounts or corporate systems.
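The login flow described above, as an added example that is not part of the original page: a password check (knowledge factor) followed by a time-based one-time code of the kind an authentication app displays (possession factor). It assumes RFC 6238 TOTP for the second factor and PBKDF2 for password storage; all function and field names are hypothetical.

```python
import hashlib, hmac, os, struct, time

def totp(secret: bytes, at: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1): the code an authenticator app shows at time `at`."""
    counter = struct.pack(">Q", int(at) // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def hash_password(password: str, salt: bytes) -> bytes:
    # Salted, slow hash so a leaked database does not reveal passwords directly.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_account(password: str, totp_secret: bytes) -> dict:
    # Hypothetical account record; totp_secret is shared with the user's device at enrolment.
    salt = os.urandom(16)
    return {"salt": salt, "pw_hash": hash_password(password, salt),
            "totp_secret": totp_secret, "last_counter": -1}

def login(account: dict, password: str, code: str, now=None, step: int = 30) -> bool:
    now = time.time() if now is None else now
    # Factor 1 (knowledge): constant-time comparison of the password hash.
    pw_ok = hmac.compare_digest(hash_password(password, account["salt"]),
                                account["pw_hash"])
    # Factor 2 (possession): accept the current time step and the previous one
    # to tolerate small clock drift between server and device.
    matched = None
    for drift in (0, -1):
        t = now + drift * step
        expected = totp(account["totp_secret"], t, step)
        if hmac.compare_digest(expected.encode(), code.encode()):
            matched = int(t) // step
            break
    # Both factors must pass, and a code that was already used is rejected.
    if not pw_ok or matched is None or matched <= account["last_counter"]:
        return False
    account["last_counter"] = matched
    return True
```

A stolen password without the current code, or a captured code without the password, both fail; recording the last accepted time step stops a captured code from being replayed within its validity window.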
In this age of increasing cybercrime and identity theft, two-factor authentication is highly recommended. Many popular online services, banks, social media and email providers offer this feature as an optional or even mandatory security measure to ensure the safety of their users and minimize the risks of cyberattacks.