2FA

Two-factor authentication (2FA), also called double authentication, is a security method that requires two distinct types of identification to access an account or system.

Summary:

  • 2FA = Two-factor authentication
  • Uses two distinct types of identification
  • Types of factors: knowledge, possession, biometrics
  • Examples: password + SMS code, fingerprint + application code
  • Objective: to strengthen the security of online accounts

Two-factor authentication (2FA) is a security measure that strengthens the protection of online accounts by requiring two distinct forms of identification before granting access. This method adds an extra layer of security beyond the simple password, making it much more difficult for unauthorised people to access sensitive information.

The three main types of authentication factors are:

  1. Something you know (e.g. password, PIN code)
  2. Something you own (e.g. smartphone, physical security key)
  3. Something you are (e.g. fingerprint, facial recognition)

The typical 2FA process is as follows:

  1. The user enters their username and password (first factor).
  2. The system requires a second form of identification (second factor).
  3. The user provides this second factor.
  4. If both factors are validated, access is granted.

Common examples of the second factor:

  • Code sent by SMS
  • Code generated by an authentication application
  • Physical security key (like YubiKey)
  • Push notification on a mobile device
  • Fingerprint or facial recognition

Advantages of 2FA:

  • Significantly strengthens account security
  • Reduces the risk of identity theft and unauthorised access
  • Protects against brute force and phishing attacks

It is important to note that although 2FA greatly improves security, it is not infallible. More advanced methods, such as multi-factor authentication (MFA), which uses more than two factors, can offer even more robust security for the most sensitive systems.