Two-factor authentication consists of something you know (like a password) and something you have, (such as a phone or security key). Once you enter your user name & password, you’ll be prompted for a second code that may be SMS’d to you, generated by an app such as Google Authenticator, or issued via a security token such as a yubikey, RSA, etc.
- Two-factor authentication is more secure because a hacker can’t simply guess your password or use a brute force attack to access your account. Even if they hack your password, they would still need the component only you have such as your phone or security key to gain access.
- Nowadays, a lot of services have enabled two-factor authentication to improve your security. These include Google/Gmail, LastPass, Apple, Facebook, Twitter, Dropbox, Evernote, PayPal, LinkedIn, WordPress, Office 265, as well as others.
- To understand how vulnerable you may be to hacking, read the story of Mat Honan, one of the writers for Wired.com, & how his accounts were hacked & his computers wiped. www.wired.com/2012/08/apple-amazon-mat-honan-hacking/all/