(Extract from Wikipedia)
Two-factor authentication (TFA, T-FA or 2FA) is an approach to authentication which requires the presentation of "two or more" of the three authentication "factors" ("something the user knows", "something the user has", and "something the user is").
Two-factor authentication is commonly found in electronic computer authentication, where basic authentication is the process of a requesting entity presenting some evidence of its identity to a second entity. Two-factor authentication seeks to decrease the probability that the requestor is presenting false evidence of its identity. The number of factors is important as it implies a higher probability that the bearer of the identity evidence indeed holds that identity in another realm (i.e.: computer system vs real life). In reality there are more variables to consider when establishing the relative assurance of truthfulness in an identity assertion, than simply how many "factors" are used.
Two-factor authentication is often confused with other forms of authentication. Two factor authentication requires the use of two of the three regulatory-approved authentication factors. These factors are:
- Something the user knows (e.g., password, PIN);
- Something the user has (e.g., ATM card, smart card); and
- Something the user is (e.g., biometric characteristic, such as a fingerprint).