2-Factor authentication is where a user authenticates with a system using a secondary piece of known information.


Normally, most user permission system have a username and a password.  This is single-factor authentication.


When you add a secondary element to this authentication system, you call it "2-Factor Authentication".


Some of the examples of 2-factor authentication are:

  • Email - where an email is sent to the user's registered email address for them to click a link and confirm their intent to login.
  • Yubikey - where a user enters a One-Time-Password (OTP) generated by a Yubikey-device.
  • SMS - where after logging in, a user receives and code by SMS to their registered phone.


Shield Security plugin offers 3 different types of 2-factor authentication:

  1. Email - after you login, you'll get an email sent to your account with a code / link to use to complete the login.
  2. Google Authenticator - you'll use an app that generates a random code which you use to login
  3. Yibikey - like the other two methods, but uses a hardware device that generates the code


For more information about 2-factor authentication read the blog article here.