NovaBlockNovaBlock
All terms

Two-Factor Authentication

Also known as: 2fa, mfa, otp

Requiring a second credential — a code, a hardware key, a passkey — in addition to a password.

Updated 10 February 2026

Two-factor authentication makes a stolen password insufficient on its own. Factors are grouped as something you know (password), something you have (phone, hardware key) or something you are (biometric). The strongest common form is a hardware security key or a passkey; SMS codes are the weakest and vulnerable to SIM-swap attacks.

Any 2FA is dramatically better than none. Prefer authenticator apps or hardware keys over SMS when available.

Related terms