What is Two Factor Authentication or 2FA?

2FA Header

Two Factor Authentication is a type of multi-factor authentication method which is used as an additional layer of security for your online accounts.

But before explaining this method further, we will discuss these two questions first.

Why this security method is required?

Why not your old password security good enough to protect you?

Our current life is now more dependent on mobile phones and laptops, and as online users are increasing day by day, cybercriminals are also increasing at the same pace.

It is now becoming common to hear news about hacks, data leaks, account breaches very frequently.

So, what can we do to secure our online accounts? We must create an additional security measure, as only the “username and password” method is not capable to prevent such data hacks.

Passwords are a very old method but now a day’s can easily be hacked by new advanced cybercriminals. The major flaws in the password system are not the system itself, but we all people, who don’t make a strong password. As per Google report, still, the most common passwords are “1234567” or “11111111” or “qwerty” and so no. Such easy passwords can easily be hacked by any cybercriminal. I will create and share a separate post on how we can create a strong password quickly and easily without forgetting it.

Meanwhile, now we know that cybercrime is increasing, and passwords alone are not enough to secure us. Hence to increase our online security, comes the role of Two Factor Authentication (2FA).

In 2FA, when you enter login name and password in any online account, you will not gain access to that account immediately, after successful acceptance of the login and password system will ask you to provide additional information to gain access to the account.

Now, from where this additional information will come? It uses any one of the following methods:

1)      Something you know: Like any PIN, password, secret question, etc.

2)      Something that you have: Like any credit card, mobile phone or any hardware token, etc.

3)      Something you are: Your biometrics, fingerprints, retina scan, etc.

4)      Somewhere you are: At some specific geo-locations

 A simple example will explain to you further:
When you go to any Bank ATM to withdraw money, a correct combination of “something you have” (Bank Debit Card) and “something you know” (Debit Card PIN) will grant you access to withdraw your money.

So, if your password will get hacked by any cybercriminal then he cannot get into your account if you have enabled the Two Factor Authentication Methods.

All major online applications and email providers like Gmail, Outlook, Facebook, Twitter, WhatsApp, Amazon, Yahoo, and many more have this security feature, but you must enable this feature as, by default, it remains disabled.

Common types of Two Factor Authentications

Hardware Token-Based:

It is the oldest form of 2FA which uses a small key-like hardware token which generates a numeric code every 30 seconds and you have to use that code during the login of a particular account. This method is still used by many companies where they want secure access to any software or account.

SMS Message-Based:

In this method, you receive a secret numeric code (OTP) via text message service (SMS) to your mobile phone directly whenever you try to login to your account. This method is the most popular nowadays.

Software Token-Based:

In this method, you have to download a software application in your mobile phone and have to link a particular account which then automatically generates codes similar to that of hardware token codes which will be used to login to that particular account which you have linked to it. Many such types of software authenticator apps are available in Play Store. The most popular are Google Authenticator and Microsoft Authenticator. You can download any one of these and can link it with multiple accounts.

Push Notification Based:

In this method, you will receive a push notification on your device and can approve the same in real-time through that notification whenever a login attempt is made to your account. This method is commonly used by Google accounts.

Advantages of Two Factor Authentication:

1)   Nowadays the primary token/ information that requires for 2FA, is your mobile phone, so you don’t have to take any other hardware token, and the mobile phone is always available to you.

2)      Codes are frequently changed in a timely manner, so security also increased.

3)      Push Notifications and OTP based 2FA are now very fast, and you don’t have to wait much.

4)      Most important, it will increase your security so that any leak of your password will not directly give access to your accounts to any cybercriminals.


Everyone should use Two Factor Authentication methods to protect their online accounts. Every leading online company now has this feature. If you are using the account of any company which doesn’t provide this feature, you can give them feedback to add this feature or either stop using their services.

Each information you receive to increase your online security will not make you stronger against these Cyber Criminals unless you act upon that information.

To get more information about Cyber Security check our article: 51 Cyber Security Tips

And if you like this information do share it with your friends and family.

Post a Comment


  1. 2FA or MFA have become very important today. It's a must have for all your accounts.