Security glossary
What is multi-factor authentication (MFA)?
MFA adds a second login check after your password, like an app code or hardware key.
Last reviewed: 2026-05-23
In plain English
MFA reduces risk because a stolen password is not enough on its own.
App-based MFA is usually stronger than SMS when both are available.
MFA is one of the highest-impact actions after breach notifications.
Real-world example
You enter your password and then approve sign-in in your authenticator app before access is granted.
What you should do
- Enable MFA on email, banking, and account recovery services first.
- Use app-based MFA or security keys where possible.
- Store recovery codes safely in case your phone is lost.
Related terms
What is account takeover?
Account takeover (ATO) is when someone gains control of your account and can change settings, spend money, or lock you out.
What is SIM swapping?
SIM swapping is when attackers convince a telecom provider to move your number to their SIM card.
What is a password manager?
A password manager stores unique passwords and helps you avoid dangerous password reuse.