What you know would be a traditional user ID and password. This is something that the user knows and carries around in their head.
What you are would be a physical characteristic of the user that, ideally, can't be modified, such as their fingerprint, face, retinal veins or voice. Authentication using what you are would obviously be biometrics systems.
Combining any two of these factors is two-factor authentication. Using only one, such as only a user ID and password, would be single-factor authentication.
How does two-factor authentication protect you from hackers? Well, each factor has its own unique weaknesses, but each vulnerability is different. An attacker can steal a password and token, but stolen tokens are not easily used. However, tokens can be defeated in other ways, such as by man-in-the-middle attacks, which are a whole different scenario. And biometrics are a different story altogether.
This means two-factor authentication offers a multi-layered approach to security. If one factor is broken one way, the second factor provides protection since it can't be broken the same way. For example, if a hacker steals a user ID and password, say, through a phishing site, if a token -- the second factor -- is also required to log on to the Web site, the attack is blocked. Two-factor authentication provides an extra layer of protection and security.
Dig Deeper on Biometric technology
Related Q&A from Joel Dubin
Learn about the purpose of CAPTCHA challenges that enable websites to differentiate bots from authentic users to stop spammers from hijacking forums ... Continue Reading
Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good ... Continue Reading
After a server room door has been compromised, finding a more secure solution is of utmost importance. Learn how to choose a server room door that ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.