How 2FA Works
- Something you know – password or passphrase
- Something you have/are – TOTP app, hardware key, or fingerprint
Deployment Tips
- Favor FIDO2 hardware keys for admin accounts.
- Enable push‑based authenticators for user convenience.
- Disable legacy SMS if possible.
Studies show 2FA blocks 99.9 % of automated credential attacks.