Module 2: Two-Factor Authentication

Course 1: Account Security Fundamentals

Progress: Module 2 of 2

🔐 Two-Factor Authentication

Two-factor authentication (2FA) adds a second layer of security beyond your password. Even if someone steals your password, they still can't access your account without the second factor.

      💡 Powerful Protection: Microsoft reports that enabling 2FA blocks 99.9% of automated attacks. Google found that adding a recovery phone number blocks 100% of automated bots, 96% of bulk phishing attacks, and 76% of targeted attacks.
    

What is Two-Factor Authentication?

2FA requires two different types of verification:

Something you know - Your password or PIN
Something you have - Your phone, security key, or authentication app
Something you are - Your fingerprint, face, or biometric data

True 2FA requires factors from two different categories.

Types of Two-Factor Authentication

1. SMS Text Messages

✓ Easy to set up, works on any phone
✗ Vulnerable to SIM swapping, requires cell service

2. Authentication Apps

✓ More secure than SMS, works offline, free
✗ Requires smartphone, codes expire quickly

Examples: Google Authenticator, Microsoft Authenticator, Authy

3. Hardware Security Keys

✓ Most secure option, resistant to phishing
✗ Costs money ($25-50), can be lost

Examples: YubiKey, Google Titan

4. Push Notifications

✓ User-friendly, shows login location
✗ Vulnerable to "MFA fatigue" attacks

5. Biometric Authentication

✓ Convenient, can't be forgotten
✗ Requires compatible hardware, can't be changed if compromised

Which Accounts Need 2FA?

Enable 2FA on these accounts first:

      🎯 Priority Accounts:
      Email - Key to resetting other passwords
Financial - Banks, credit cards, PayPal
Social media - Facebook, Instagram, Twitter/X
Cloud storage - Google Drive, Dropbox, iCloud
Password managers - Protect your vault

    

Common Mistakes to Avoid

Approving without thinking - Always verify login details before approving push notifications
Using only SMS - Use authenticator apps or hardware keys when possible
Not saving backup codes - Store them securely in case you lose your device
Sharing 2FA codes - Never share codes with anyone—it's always a scam

How to Enable 2FA

Go to account security settings
Find the 2FA/MFA option (may be called "Two-Step Verification")
Choose your method (authenticator app recommended)
Follow setup instructions
Save backup codes in a secure location
Test it by logging out and back in

Test Your Knowledge

← Previous: Module 1

Module 2: Two-Factor Authentication

🔐 Two-Factor Authentication

What is Two-Factor Authentication?

Types of Two-Factor Authentication

1. SMS Text Messages

2. Authentication Apps

3. Hardware Security Keys

4. Push Notifications

5. Biometric Authentication

Which Accounts Need 2FA?

Common Mistakes to Avoid

How to Enable 2FA

Test Your Knowledge

📝 Module 2 Quiz

Question 1: What percentage of automated attacks does 2FA block?

Question 2: Which 2FA method is most secure?

Question 3: True or False: You should save backup codes in case you lose your 2FA device.

Question 4: What are the three categories of authentication factors?

Question 5: Which account should you enable 2FA on first?