• Two Factor Authentication (2FA) is also called strong authentication and usually requires another proof, beyond just a password, for a user to assure their identity and gain access to a system, network, or application. Two-factor authentication technology usually requires that two out of the three following proofs be met:

      • Something the user knows, like a password,
      • Something the user possesses, like an ATM card, or
      • Something unique about the user, like a fingerprint.

      Common two-factor authentication methods include Chip and PIN card readers, tokens, and TANs.

      When information is particularly sensitive or vulnerable, using a password alone may not be enough protection. A stronger means of authentication, something that’s harder to compromise, is necessary. For example, health care information on a shared computer can be both sensitive and vulnerable. It’s sensitive because its exposure could result in HIPAA violations and fines, not to mention the loss of patients’ confidence in the medical institution. And the information is vulnerable if the shared computer can be used by many people or if it is connected to the Internet. These are the kinds of situations that require two-factor authentication. While biometrics is sometimes used with a PIN or password, hardware authenticators or tokens have traditionally been more widely available and supported.