Redirected from: cellphone 2FA

Definition: two-factor authentication


The use of two independent mechanisms to verify the identity of a user. There are four authentication factors as follows:

1. What you know (password, PIN, personal data).

2. What you have (private cryptographic key, authentication token).

3. What you are (biometric scan).

4. What you do (speak a phrase, handwrite a signature).

Any two of the four are used in two-factor authentication (2FA); for example, using a password with a token (1 and 2) or a password and fingerprint scan (1 and 3). A password and security question such as "what is your grandmother's maiden name" may be two factors, but they both fall into the "what you know" category, and both could be acquired illegally from the same website. Using one factor from each of two different categories is more secure.

Cellphone Second-Factor Codes
Another common two-factor method is that after users log in with a password, a code is texted to their cellphone ("what you have"). Copying that security code from the phone into the login process provides the second factor. See FIDO, multi-factor authentication, authentication, smart card, password and one-time password.




Is It 2FA or 2SV?
The cellphone is commonly used as a second factor, and the code is only valid for a short time. The "2-Step Verification" title implies that the original login came from the same phone and not another device such as a desktop computer; otherwise, the title should read 2-Factor and not 2-Step. However, "2-step" and "2-factor" are sometimes used interchangeably.






A Backup for 2FA
In this situation, users are given a temporary authentication code in case the phone is ever lost.