Two-factor authentication What is it?

Quick definition: A second verification step on top of your password (authenticator app code, SMS, biometric). Improves account security 100×.

Three authentication factors

(1) Something you know: a password.

(2) Something you have: a phone, a hardware key.

(3) Something you are: a fingerprint, your face.

2FA combines any two of these factors. An attacker has to steal two things at once.

TOTP (Authenticator app): Google Authenticator, 1Password, Authy. A 6-digit code that refreshes every 30 seconds. Recommended as standard.

SMS: Older method, breakable by SIM-swap attacks, but better than nothing.

Push notification: Microsoft Authenticator, Duo Mobile.

Hardware key: YubiKey, Google Titan. Most secure — resistant even to phishing.

Account → My account → Security → Enable two-factor authentication. Detailed: 2FA activation guide.

Don't forget to save your backup codes — they're your only way back in if you lose your phone.