Two-factor authentication, or "2FA," is a means for authenticating a user's identity using two different types of information, or "factors." The primary advantage of two-factor authentication is a greater level of security than single-factor authentication provides. Other advantages of most current two-factor authentication mechanisms used today include relative ease of use when combined with specific technologies like a mobile phone.
When logging into an account or website by using a username and password, a user is presenting one type of information to authenticate. In this case, it is a shared secret in the form of the password. Should another party guess that password, the single factor is compromised.
In two-factor authentication, two different types of information from the following are used to ensure the user is who he says: some object the user has, like an ATM card, or a phone; some secret the user knows, like a password, zip code, or PIN code; and something unique to the user, like a fingerprint or voice print. When using a mobile phone, for example, two-factor authentication becomes easier to use, as long as the phone is in the user's possession and is available for use. A shared secret stored and recalculated on the phone keeps the user from having to remember another password or PIN code.