What Is Two-Factor Authentication? (And Why You Should Care)

Hint: It’s another way to safeguard your online identity.

Strong passwords are a great first step in protecting your digital identity. Combining them with two-factor authentication offers even more protection to thwart identity thieves.

What is two-factor authentication?

Two-factor authentication requires you to present two pieces of information when accessing an account. When you insert your debit card and enter your PIN at an ATM, that’s two-factor authentication. Another example: When you use a password on a website and then receive a numeric code by email or text message that you must enter to access your account.

Two-factor authentication is also called multifactor authentication or two-step verification. The two security factors often include:

  • Knowledge: something known only to you, such as a password
  • Possession: something only you have, such as a physical card or your phone
  • Inherence: a characteristic unique to you, such as your fingerprint

Using two or more of these factors provides additional assurance when accessing a digital account, says Gopal Padinjaruveetil, AAA Chief Information Security Officer.

“It decreases the probability that an attacker can impersonate you and gain access to computers, accounts or other sensitive resources,” he says. “Even if a fraudster gains access to a password, they likely won’t have the second element needed to authenticate.”

When should you use two-factor authentication?

If a company or website offers the added security, Padinjaruveetil advises to use it. At AAA, for example, you can use two-factor authentication in the AAA Mobile app with your phone and either your facial pattern or fingerprint.

“It will give you peace of mind about protecting your digital identity and help prevent unauthorized access to critical financial and sensitive data,” he says.

How do you use two-factor authentication?

Although some companies, apps and websites require you to use two-factor authentication, many others offer it as an option—but you must turn it on. Each app or website differs on how to use it, but you typically turn it on when you first sign up or through “settings” or “security” links. Here are some examples from GoogleFacebook and Instagram.

Is two-factor authentication foolproof?

Although two-factor authentication helps protect your privacy, it isn’t a guarantee.

“Nothing is perfect when it comes to security,” Padinjaruveetil says. “Factors can get lost or stolen. Don’t put 100% confidence in technology and artificial intelligence—always remember human intelligence is superior to machine intelligence.”

Keep reading in: