Two-factor authentication (2FA) is a security system that requires two distinct forms of identification in order to access something.
Two-factor authentication can be used to strengthen the security of an online account, a smartphone, or even a door. 2FA works by requiring two types of information from the user - a password or personal identification number (PIN), a code sent to the user's smartphone (called a message authentication code), or a fingerprint - before access is granted.
You can enable the feature from My Account->Account Details-> Two-Factor Authentication Preferences
On Login – set it up to add additional authentication on every login.
On Change Password – Set it up whenever you change your password.
On Change Phone – When you login from a new device.
You can choose where to receive a notification, so you’re constantly aware of any unauthorized activity on your account (SMS, E-mail)
While 2FA does improve security, it is not foolproof. Two-factor authentication goes a step further in verifying Identity from the user simply entering a PIN or CVV number from their credit card.
However, hackers who acquire the authentication factors can still gain unauthorized access to accounts. Common ways to do so include phishing attacks, account recovery procedures, and malware.
Hackers can also intercept text messages used in 2FA. Critics argue that text messages are not a true form of 2FA since they are something the user is sent, and the sending process is vulnerable. Instead, the critics argue that this process should be called two-step verification. Some companies, such as Google, use this term.
Still, even two-step verification is more secure than password protection alone. Even stronger is multi-factor authentication, which requires more than two factors before account access will be granted.