===== Two-Factor Authentication (2FA) =====
[[dido:public:ra:xapend:xapend.a_glossary:start| Return to Glossary ]]

**Two-Factor Authentication (2FA)**, sometimes referred to as two-step [[dido:public:ra:xapend:xapend.a_glossary:v:vendorlockin|verification]] or dual-factor [[dido:public:ra:xapend:xapend.a_glossary:a:authentication|authentication]], is a security process in which users provide two different authentication factors to verify themselves. This process is done to better protect both the user's credentials and the resources the user can access. Two-factor authentication provides a higher level of security than authentication methods that depend on [[dido:public:ra:xapend:xapend.a_glossary:s:sfa]], in which the user provides only one factor -- typically, a [[dido:public:ra:xapend:xapend.a_glossary:p:password]] or passcode. Two-factor authentication methods rely on a user providing a password, as well as a second factor, usually either a security token or a [[dido:public:ra:xapend:xapend.a_glossary:b:biometrics|biometric]] factor, such as a fingerprint or facial scan.

Two-factor authentication adds an additional layer of security to the authentication process by making it harder for attackers to gain access to a person's devices or online accounts because knowing the victim's password alone is not enough to pass the authentication check. Two-factor authentication has long been used to control access to sensitive systems and data, and online service providers are increasingly using 2FA to protect their users' credentials from being used by hackers who have stolen a password database or used [[dido:public:ra:xapend:xapend.a_glossary:p:phishing|phishing]] campaigns to obtain user passwords.

See also: [[dido:public:ra:xapend:xapend.a_glossary:s:smart_card]] and [[dido:public:ra:xapend:xapend.a_glossary:r:rsa_secureid]]

Source: [[https://searchsecurity.techtarget.com/definition/two-factor-authentication]]