Two-Factor Authentication (2FA)

Two-Factor Authentication (2FA) is a specific form of multi-factor authentication that requires exactly two verification factors — typically a password (something you know) plus a one-time code from an authenticator app or hardware token (something you have). While often used interchangeably with MFA, 2FA specifically means two factors rather than two or more.

2FA significantly reduces the risk of account compromise because an attacker who steals your password still can't log in without the second factor. For defense contractors, 2FA should be implemented on all remote access, privileged accounts, and any system that handles CUI.

Why It Matters

MFA (of which 2FA is the most common implementation) is a CMMC requirement for remote access and privileged accounts. Implementing 2FA is one of the most effective single actions you can take to protect your accounts from compromise.