Much like the name implies, two-factor authentication adds a second way to verify you’re actually you while logging in. This can look a little different depending on what version you go with, but it will always rely on something that only you should have access to. A two-factor login could involve something like a cryptographically generated key, a one-time password sent to your phone, or a physical piece of hardware you plug in, just to name a few examples.
One of the best ways to defend against account breaches is to have 2FA turned on for as many sites and applications as possible. Even if someone has your password, they can’t log in without your two-factor code. Many sites even have several 2FA options available, so that begs the question – Which kind of 2FA is the best, and more importantly, which ones should you avoid whenever possible?
The linked article gives some practical examples as well as some sound advice on this topic. It’s true on the one end of the scale that hardware 2FA keys are not always usable, but on the other end having just plain e-mail without any 2FA is also not very safe. More and more, though, we are seeing password managers, like Bitwarden, which have 2FA also built right in, and which are securely synced across your devices. 2FA apps like Authy also sync the codes across devices, so if you lose your phone, you are not high and dry without your 2FA codes.
See https://www.androidpolice.com/why-you-should-use-2fa/
#technology #security #2FA