Two-factor authentication (2FA) is type of user authentication, through which a user is granted access to their requested service. It works by adding a second layer of security (usually in addition to a password), in which a user is asked to enter a token that only they should have access to. This token is most commonly sent to using an SMS message or a phone application. 2FA is a type of multi-factor authentication (MFA).

Although 2FA mainly used SMS based tokens originally, concerns about the insecurities of SMS tokens have meant wider adoption of application based approaches.


Last updated: 2 September 2017