Skip to main content
Surveillance
Self-Defense

Two-factor authentication

"Something you know, and something you have." Login systems that require only a username and password can be vulnerable to someone else obtaining (or guessing) those pieces of information. Services that offer two-factor authentication also require you to provide a separate confirmation that you are who you say you are. The second factor could be a one-off secret code that is sent to you via email or text, a number generated by a program running on a mobile device, or a separate device, such as a USB authentication token that you carry and that you can use to confirm who you are. Companies like banks, and major internet services like Google, PayPal, and Facebook offer two-factor authentication .