The standard combination of username and password is not as secure as you may think. Even longer, more complex passwords are still at threat from data breach credential dump (e.g. posting passwords on Pastebin) or elaborate password attacks combining personal information, such as creating a custom password list with your personal information included.
Thankfully, Two-Factor Authentication aims to eliminate this security concern by adding an extra layer of authentication before granting you access to a service. Rather than using just a username and password, which can both be susceptible to theft, you are also required to enter a second form of authentication. As an example, most banking providers use Two-Factor Authentication to protect your online banking account. The bank will send you a 4 to 6-digit code, usually to your mobile phone, which must be entered in conjunction with your password to gain access to your account. Two-Factor Authentication codes can only be used once, and typically have an expiration timer lasting around 30 seconds before a new code is generated to ensure that it is as unique as possible.
With this in mind, it is imperative to enable this security feature on all services to reduce the risk of your account being compromised. Two-Factor Authentication is gaining a lot of traction and is now used across a wide array of popular services such as Google, Facebook, Amazon and many more.
Two-Factor Authentication has proven invaluable in regard to online account safety and is become widely available on more services at a rapid rate. However, as with all security measures, it is always advised to build on a good foundation – use strong passwords across all services and ensure that these are different for every website you use.