Two-Factor Authentication (2FA) Guide

Two-factor authentication (2FA) adds a second layer of security beyond your password. Even if your password is compromised, attackers cannot access your account without the second factor.

Types of 2FA

• Authenticator apps (TOTP) — Most secure common method. Use apps like Aegis or Google Authenticator.
• Hardware security keys — Strongest option. Physical FIDO2/WebAuthn devices like YubiKey.
• SMS codes — Convenient but vulnerable to SIM-swap attacks. Use only as a last resort.
• Email codes — Better than SMS but still depends on email account security.

Enable 2FA on all important accounts: email, banking, social media, and work systems.