But usernames and passwords have many problems. You could easily watch someone type their password in a coffee shop. I was on a commercial flight not long ago, and an executive from a MAJOR bank logged into their system in the row in front of me, holding their smartphone at eye level for the whole plane to see.
“2 factor” is a concept that has been around for a long time, and it is much more straightforward than the marketing fluff may make it seem. The idea is to add a second method of authentication to your existing login. In the case of a username and password login system, that means also having to authenticate with something physical that you have, as another layer of security. Sometimes the second factor can be who you are. Your fingerprint is an example.
While not foolproof, adding more layers does make unauthorized access to your accounts more difficult.
And that’s a foundation of security: make it more expensive to steal than the information is worth.
It’s very common to see text messages used as a second authentication factor, but we highly recommend at least an authenticator app like LastPass or Google Authenticator. If you really want to step up your game, a physical device like a YubiKey is an excellent and affordable choice.
In our research, adding hardware 2-factor authentication dramatically reduces the chance of employees being phished.