Two-factor authentication (2FA) adds a second verification step after you enter your password. Even if someone steals your password, they cannot log in without the second factor.
The second factor usually takes one of these forms:
- Time-based codes: An app on your phone generates a new six-digit code every 30 seconds. You enter this code to prove your identity.
- SMS or email codes: A service sends a one-time code to your phone or email address, which you then type in.
- Push notifications: Your phone receives a prompt asking you to approve or reject the login attempt.
- Physical security keys: USB dongles or NFC devices that you tap or insert to authenticate.
- Biometric data: Your fingerprint or face scan acts as the second factor.
For example, you log into your email account. After entering your correct password, the service asks for a code. You open an authenticator app on your phone and see a six-digit number. You type it in, and access is granted.
When choosing an account to protect, prioritise your most important services first: email, banking, and social media accounts linked to password recovery. Look for services that offer 2FA and select the method that best suits your habits. Authenticator apps are more secure than SMS (which can be intercepted), but less convenient than push notifications. If you lose access to your second-factor device, keep backup codes in a safe place so you can regain entry to your account.