What is two-factor authentication?

Man uses two-factor authentication to sign into appImage: Man uses two-factor authentication to sign into app

In a Nutshell

Two-factor authentication, also known as 2FA or multifactor authentication, is a two-step verification system that makes sure only authorized users access your accounts or devices. 2FA helps keep your accounts more secure.
Editorial Note: Intuit Credit Karma receives compensation from third-party advertisers, but that doesn’t affect our editors’ opinions. Our third-party advertisers don’t review, approve or endorse our editorial content. Information about financial products not offered on Credit Karma is collected independently. Our content is accurate to the best of our knowledge when posted.

Two-factor authentication goes by many names, but the goal is always the same: to protect your data from being stolen.

The standard way to log in to accounts and devices is via a username and password. The problem with this kind of security is that people often use passwords that are easily guessed or the same few passwords for all of their online accounts. Two-factor authentication, also known as 2FA or multifactor authentication, adds an additional layer of security to your online accounts by requiring anyone logging in to have more than just your username and password.

How does two-factor authentication work?

If you have two-factor authentication enabled, your account will ask for two pieces of information in order to verify your identity. This information tends to fall into three general categories:

  1. Something you know (a password or PIN)
  2. Something you have (a physical device — like a card, smartphone or security token)
  3. Something you “are” (biometric data — like a fingerprint)

In order for a successful 2FA, you must correctly provide information from at least two categories.

A common instance of 2FA is when you use your debit card at the ATM. You must insert your debit card (a physical device) and input your PIN. Another common use of 2FA is when a company sends you a text with a randomly generated code after you’ve entered your username and password, and then asks you to enter that code in order to access your account.

The reason your authentication comes from two different categories is that it’s unlikely a criminal would have access to more than one category. For instance, a thief might have stolen your debit card, but that person would also need your PIN to use it at an ATM. Or maybe criminals have stolen your passwords, but in order to access your accounts, they must also access your phone.

Is two-factor authentication worth the hassle?

Having to answer additional questions just to log in to an account might seem like an unnecessary hassle. But according to the FBI, it’s not uncommon for a criminal to get your passwords — and it may be even easier to access your accounts than you’d think. For example, if you use the names of your children, spouse or pet in your password, gaining access to your account might be as simple as looking through one of your social media profiles.

Once they gain access to your online accounts — like email, banking, healthcare and investments — cybercriminals can glean all sorts of information about you. They can steal your money, or worse, they can steal your identity. And with your identity, a thief could potentially open up credit cards, take on medical debt and even take out loans under your name.

They typically make no effort to pay these debts back, and you often won’t know it’s happened until you receive a phone call from a debt collector or you happen to notice something awry on your credit reports (reinforcing the importance of reviewing your reports periodically).

Fixing all of the problems associated with identity theft can cost you time, money and heartache. Two-factor authentication is an easy step to help prevent identity theft by making your accounts more secure.

Using two-factor authentication

Many apps and internet-accessible accounts that hold sensitive data already have a two-factor authentication feature available; you just have to turn it on. If you can’t figure out how to do that, or if you’re unsure this security feature is available, contact customer service for the account or app.

Bottom line

Cybercriminals have become increasingly clever in their attempts to steal people’s data and identities, but using a two-step verification system can help thwart those efforts. And many sensitive accounts have a two-factor authentication feature already available. These apps make it easy for you to access your data and protect it at the same time.

About the author: Lauren Hargrave is a writer from San Francisco who focuses on technology, finance and wellness. Her work has appeared on Forbes.com and in The Atlantic. Lauren holds a bachelor’s degree in political science from UC Sa… Read more.