2-Factor authentication is where a user authenticates with a system using a secondary piece of known information.
Normally, most user permission system have a username and a password. This is single-factor authentication.
When you add a secondary element to this authentication system, you call it "2-Factor Authentication".
Some of the examples of 2-factor authentication are:
- Email - where an email is sent to the user's registered email address for them to click a link and confirm their intent to login.
- Yubikey - where a user enters a One-Time-Password (OTP) generated by a Yubikey-device.
- SMS - where after logging in, a user receives and code by SMS to their registered phone.
Shield Security plugin offers 3 different types of 2-factor authentication:
- Email - after you login, you'll get an email sent to your account with a code / link to use to complete the login.
- Google Authenticator - you'll use an app that generates a random code which you use to login
- Yibikey - like the other two methods, but uses a hardware device that generates the code
It also provides U2F authentication for advanced login security.
For more information about 2-factor authentication, read the blog article here.