Two-factor authentication (2FA) refers to the verification of a user's identity through a combination of two different and, in particular, independent components (factors). Typical examples are a bank card and PIN at ATMs, a fingerprint and access code in buildings, or a passphrase and transaction number (TAN) for online banking. Two-factor authentication is a special case of multi-factor authentication.
Two-factor authentication is particularly recommended for security-critical applications, for example by the German Federal Office for Information Security (BSI) in its IT Baseline Protection catalogs. The BSI for Citizens and Stiftung Warentest now also recommend that consumers use two-factor authentication for as many web-based services and online portals as possible. The reason is that users often choose unsuitable or weak passwords and reuse the same password for multiple user accounts and web services. One-time passwords expire after a few seconds or minutes, which fends off attackers who try to eavesdrop on passwords, for example by reading passwords as they are typed or by using a keylogger.
In banking, two-factor authentication was made mandatory for the European Economic Area in 2018 with the EU Payment Services Directive. Web platforms such as Amazon and Google and email providers such as mail.de (since 2012), Posteo (since 2014), and mailbox.org also offer users the option of protecting their accounts with two-factor authentication.