two-factor authentication

Also found in: Dictionary, Thesaurus, Medical, Legal, Financial, Wikipedia.

two-factor authentication

The use of two independent mechanisms to verify the identity of a user. There are four authentication factors as follows:

1. What you know (password, PIN, personal data).

2. What you have (private cryptographic key, authentication token).

3. What you are (biometric scan).

4. What you do (speak a phrase, hand write a signature).

Any two of the four are used in two-factor authentication (2FA); for example, using a password with a token (1 and 2) or a password and fingerprint scan (1 and 3). A password and security question such as "what is your grandmother's maiden name" may be two factors, but they both fall into the "what you know" category, and both could be acquired illegally from the same website. One factor from two different categories is more secure.

Cellphone Second-Factor Codes
Another common two-factor method is that after users log in with a password, a code is texted to their cellphone ("what you have"). Copying that security code from the phone into the login process provides the second factor. See FIDO, authentication, smart card, password and one-time password.
Copyright © 1981-2019 by The Computer Language Company Inc. All Rights reserved. THIS DEFINITION IS FOR PERSONAL USE ONLY. All other reproduction is strictly prohibited without permission from the publisher.
References in periodicals archive ?
Twitch's two-factor authentication service is run through Authy, an app-based solution that provides short-term codes that are used to confirm a user's identity.
Twitter is taking this breach quite seriously as a new job posting for a a new worker to increase security by implementing two-factor authentication. Two-factor authentication will make it nearly impossible for hackers to gain access to accounts even if they know the password.
“GoldKey Soft-Tokens are the first mobile solution to provide two-factor authentication without the complexities of certificates or one-time passwords,” said Dr.
To turn on two-factor authentication, follow these steps:
In addition, GoldKey tokens with Flash fully support Gold-ID, GoldKey's enhanced two-factor authentication technology which provides a trusted alternative to SecurID.
While two-factor authentication offers far more protection than passwords, many enterprises have delayed the adoption because of the complexity of deployment, staffing requirements, and infrastructure cost.
Apple Pay Cash also requires two-factor authentication be enabled for Apple ID.
With the new minidriver, GoldKey users may effectively deploy two-factor authentication for Microsoft Active Directory[R] without the need for additional software or middleware.
Luckily, enabling two-factor authentication should serve as an effective deterrent to such an attack.