Security Beginner

What is Two-Factor Authentication (2FA)?

A security method requiring two different forms of identification before granting access to an account.

2FA combines something you know (password) with something you have (phone, hardware key) or something you are (biometrics). Even if a password is compromised, the second factor prevents unauthorized access.

Methods include TOTP apps (Google Authenticator, Authy), SMS codes (less secure due to SIM swapping), hardware keys (YubiKey), push notifications, and biometric factors. 2FA significantly reduces account compromise risk.

Learn More About This Topic

Linux Security Essentials

Related reading

Windows PKI & Certificates

Related reading

SOC Analyst Fundamentals

Related reading

Related Terms

Brute Force Attack

An attack method that systematically tries all possible combinations of passwords or keys until the correct one is found.

Session Hijacking

An attack where an adversary takes over a legitimate user session by stealing or predicting the session identifier.

Webhook Signature Verification

A security mechanism that verifies webhook payloads are authentic and unmodified using cryptographic signatures.

DDoS (Distributed Denial of Service)

An attack that floods a target server or network with traffic from multiple sources to overwhelm it and deny service to legitimate users.

The process of converting readable data into an unreadable format using algorithms, reversible only with the correct key.

SAST (Static Application Security Testing)

Automated analysis of source code to find security vulnerabilities without executing the application.

View All Security Terms →