Passwords leak. Two-Factor Authentication (2FA) adds a second lock so a stolen password alone isn’t enough. Here’s the short guide to understanding it—and turning it on fast.
How 2FA works
After entering your password, you confirm it’s really you with a second factor: a code from an app, a hardware key, or a prompt on your phone. Even if someone learns your password, they can’t log in without this second step.
Best options (from strongest to most convenient)
- Hardware security keys (strongest): A small USB/NFC key you tap to approve logins.
- App-based codes (TOTP): Free authenticator apps generate 30-second codes offline.
- Push prompts: “Approve/Deny” notifications on your phone—easy, but beware of spam prompts.
- SMS codes (last resort): Better than nothing, but vulnerable to SIM-swap attacks.
Quick setup steps (general)
- Open your account’s Security or Login & Security settings.
- Choose Two-Factor Authentication and select Authenticator App.
- Scan the QR code with your authenticator app; enter the 6-digit code to confirm.
- Save backup codes somewhere safe (printed or in a secure manager).
- Add a secondary 2FA method (another app or hardware key) in case you lose your phone.
Everyday safety tips
- Never approve a prompt you didn’t request.
- If you get repeated prompts, change your password immediately and review devices.
- Update your recovery email/phone so you can get back in if you switch devices.
Takeaway: Turn on app-based 2FA for your important accounts today. It’s a small step that blocks big problems.