To increase authentication security, procedures are used that do not only work with the password, as in single-factor authentication (SFA), but combine two or three security factors. These procedures are called Two-Factor Authentication (2FA) and Multifactor Authentication (MFA).
In two-factor authentication, two identifiers are combined. For example, a password, personal identification number or passphrase can be combined with a biometric feature such as a fingerprint or iris recognition, or a static password with a one-time password, Knowledge-Based Authentication (KBA) and a security token can also be used, a password and a digital certificate or the PIN/TAN procedure. Always combinations of two different procedures.
The term Two-Step Verification is also used synonymously for Two-Factor Authentication (2FA). The difference between the two procedures is that Two-Step Verification works in two steps, using the same authentication. In contrast, Two-Factor Authentication works in two steps with two different authentications.
With Universal Second Factor (U2F), which is published by the FIDO Alliance, there is an industry standard for Two-Factor Authentication (2FA).