Two-factor authentication (2FA) is a security procedure in which two independent characteristics (‘factors’) are verified during login to confirm a user’s identity unambiguously. It offers significantly greater protection than a password alone.
To access an account or system, two of the following three factors must be combined:
Knowledge – something that only the person knows (e.g. password, PIN)
Possession – something that only the person possesses (e.g. smartphone, token, smartcard)
Biometrics – something that is unique to the individual (e.g. fingerprint, facial recognition)
A typical example: logging in with a password and a one-time code from an authenticator app or text message.
Passwords alone often do not provide sufficient protection – they can be guessed, stolen or exposed through data breaches. Two-factor authentication (2FA) prevents an attacker from gaining access using a stolen password alone.
When accessing cloud services such as Microsoft 365, Google Workspace or DATEV
When logging in to the company network via VPN
When accessing admin interfaces, e.g. servers, email accounts, CRM systems
When using tools for managing customer data or sensitive information
Protection against unauthorised access, even if passwords are leaked
Easy to set up using authenticator apps, SMS or hardware tokens
Recommended by data protection authorities and cybersecurity experts
Two-factor authentication is one of the most effective and, at the same time, cost-effective measures for improving the security of IT systems in SMEs – particularly when it comes to sensitive applications and data.