An example of two-factor authentication is using a bank card plus a PIN to withdraw money from an ATM.

What two-factor authentication means

Two-factor authentication (2FA) requires two different types of verification before access is granted. Typical factors are:

  • Something you know (password or PIN)
  • Something you have (card, phone, hardware token)
  • Something you are (fingerprint, face, iris)

Common real-world examples

  • Inserting a bank card at an ATM and entering the correct PIN.
  • Logging into an online account with a password and then entering a one-time code sent via SMS or generated by an authenticator app.
  • Using a password plus fingerprint or face scan to unlock an app or device.

How to spot the correct option

When you see a “which of the following” question, the correct 2FA example will:

  • Combine two different factor types (for example, password + phone code, or card + PIN).
  • Not just repeat the same factor twice (e.g., password + security question are both “something you know,” so that is not true 2FA).

Bottom note: Information gathered from public forums or data available on the internet and portrayed here.