Two-Factor Authentication (2FA)
A login that requires two different proofs — something you know, plus something you have or are.
Definition
2FA (also called multi-factor authentication, MFA) means an attacker who steals only your password still can't get in. The 'second factor' is typically a code from an app (TOTP), a push prompt, a hardware key (FIDO2/WebAuthn), or — least securely — an SMS code.
The most important accounts to protect with 2FA are your primary email (because it can reset everything else) and your password manager. Hardware keys are the strongest option; TOTP apps are a strong, free middle ground.
Example
You log in with your password. The site then prompts you to tap your hardware security key. Even if a phisher had your password, they couldn't complete the second step from a fake site.
Frequently asked questions
Is SMS 2FA okay?
Better than nothing for low-value accounts, but vulnerable to SIM-swapping. Avoid it for email, banking and your password manager.
Should I save backup codes?
Yes — print them or store them in your password manager. They unlock the account if you lose your second factor.