Two-Factor Authentication, also known as 2FA, is an extra layer of security that requires users to use both their online password and their mobile phone to verify their identity in order to access a service or a web app. In addition to using their service credentials to access sensitive data, the user also receives a one-time passcode or PIN number on his token or via SMS.
The advantage of using a mobile phone for 2FA is that users tend to carry their mobile devices with them at all times. That way, services can ensure that their users receive the verification PIN over something that only they have. The one-time PIN (OTP) number is generated and sent to the user’s mobile phone. The user receives the OTP and types it into the application to confirm their identity.