What is Two-Factor Authentication (2FA)?


Two-factor authentication (2FA) is a security measure requiring two different verification methods to access an account — typically combining something you know (password) with something you have (device/key).

WHY IT MATTERS

2FA is the minimum security standard for any crypto-related account. Exchanges, wallet apps, and DeFi frontends that support login should all use 2FA. A stolen password alone can't compromise a 2FA-protected account.

2FA methods ranked by security: hardware security keys (YubiKey, best) > authenticator apps (Google Authenticator, Authy, good) > SMS (vulnerable to SIM-swap attacks, avoid for crypto). Never use SMS 2FA for exchange accounts.

For developers building crypto applications, supporting hardware keys (FIDO2/WebAuthn) and TOTP authenticator apps should be mandatory. SMS should be a last resort or disabled entirely.

FREQUENTLY ASKED QUESTIONS

Why is SMS 2FA bad for crypto?

SIM-swap attacks: attackers convince your carrier to transfer your phone number to their device. They receive your SMS codes and bypass 2FA. This has been used to steal millions from crypto users.

What 2FA should I use?

Hardware security key (YubiKey) for maximum security. Authenticator app (Google Authenticator, Authy) for good security. Never SMS for crypto accounts.

What if I lose my 2FA device?

Use backup codes (save them securely during setup). Some services support multiple 2FA devices. Without backups, account recovery through customer support is often slow and difficult.
