2FA
Definition
Two-Factor Authentication - a security measure that requires users to provide two different forms of identification, enhancing account protection against
Use Cases
- Google: Protecting consumer Gmail accounts from account takeover — Google offers 2-Step Verification for Google Accounts, commonly using the Google Prompt push notification or time-based one-time codes from an authenticator app, in addition to the account password. (Adds a strong extra layer of protection against password theft and phishing-driven account takeover by requiring a second proof of identity at sign-in.)
- Microsoft: Securing employee access to Microsoft 365 and Azure resources — Organizations enable Microsoft Entra ID Multi-Factor Authentication and require a second factor (Microsoft Authenticator push/number matching, FIDO2 security keys, or SMS/voice where allowed) for user sign-ins, often combined with Conditional Access policies. (Reduces the likelihood of unauthorized access when passwords are compromised and helps meet common compliance requirements for strong authentication.)
- Amazon Web Services (AWS): Protecting privileged access to the AWS Management Console — Teams enable MFA for the AWS root user and for IAM users/roles that can sign in, using virtual authenticators or hardware MFA devices, and enforce MFA via IAM policies and account controls. (Significantly lowers risk of account compromise for high-impact administrative actions by requiring a second factor beyond the password.)
Provider Equivalents
- AWS: AWS IAM MFA
- Azure: Microsoft Entra ID Multi-Factor Authentication
- GCP: Google Cloud Identity / Google Workspace 2-Step Verification
- OCI: OCI IAM MFA
Frequently Asked Questions
- What's the difference between 2FA and MFA?
  - 2FA uses exactly two factors (for example, password + phone code). MFA (multi-factor authentication) means two or more factors. In practice, many products say “MFA” even when they usually use two factors.
- When should I use 2FA?
  - Use 2FA anywhere a compromised account would matter: email, banking, admin consoles (AWS/Azure/GCP/OCI), VPN/remote access, payroll/HR systems, and any app with sensitive data. It’s especially important for administrator accounts and for users who can approve payments, change security settings, or access customer data.
- How much does 2FA cost?
  - Many consumer services include 2FA at no extra cost. In businesses, cost depends on the identity provider and the factor type: authenticator apps and TOTP codes are often low-cost, while hardware security keys have a per-device cost. Some enterprise identity features (like advanced conditional access, reporting, or certain MFA methods) may require paid licensing from the identity platform vendor.
Category: security
Difficulty: basic