What is Two Factor Authentication and How Does It Work?

Two factor authentication is a security measure for websites that requires two levels of authentication before you can log in to a website.

2FA basically adds an extra layer of security over the normal username+password authentication.

How Does Two Factor Authentication Work?

In today’s world of increasing digital crime and internet fraud, a username and password combination are no longer secure enough to protect your online accounts. Two factor authentication requires an extra piece of information or token that only the account owner knows or has.  This means that,  even if a hacker gets your username and password, he/she still can’t log in to your account without that information or token.

For example:  You can enable two factor authentication for your Google account so that when you login with the correct username and password,  a code will be sent to your mobile phone.  You have to provide this code to access the Google account.  The phone acts as a token that only you can have.  The code sent to your phone is the extra information you have that a hacker won’t have even when they have the log in details for your account.

two factor authentication

Two factor authentication in most websites is smart enough not to ask you to log in and provide code too many times on your own personal computer.  Once you log in,  you can choose to save your computer or device under the ‘Trusted devices’  list so that automatic logins can still be possible.  The code will only be required on unfamiliar browsers, devices and geographical locations.

Where Can I Use Two Factor Authentication?

Thankfully most of the sensitive websites have implemented two factor authentication. It’s optional on all websites that have it as well; you can turn it on or off whenever you want.  Here are the websites where you can use two factor authentication.

Where Can I Use Two Factor Authentication?

Google/Gmail:  Google/Gmail accounts can be very sensitive especially for Ad-sense publishers and YouTube content creators.  Google’s 2 step verification has a wide range of options from text and voice messages,  back up codes,  security keys e.t.c.  Read more.

LastPass:  Last pass is one of the best password managers out there. If someone gets access to your Last pass account, they have you done! Here‘s how you can enable two factor authentication for Last pass.

Apple:  Apple also have two-factor authentication for your Apple ID. Read more about it here.

Facebook: We’ve been seeing and reading about Facebook accounts being hacked into every other day.  Make it harder for anyone to access your Facebook account by activating two factor authentication.  In Facebook,  it’s called ‘Login approvals’.  Read more.

Dropbox:  Keep your files safe on the cloud with 2 factor authentication.  Read more.

And the list goes on….. EvernotePayPal, Microsoft, Yahoo!,  AmazonLinkedIn, WordPress e.t.c.



  • Two factor authentication does not mean that your account is hack proof! It makes it significantly harder for hackers to get in though.
  • You can opt out of two factor authentication whenever you want.
  • Always have a back up token especially if it is your phone. You should have a back up phone number or email where applicable.
  • Even when using two factor verification,  always ensure that normal safety procedures like keeping your password private are followed.



Leave a Reply

Your email address will not be published. Required fields are marked *