Two-factor authentication

From Trezor Wiki
Jump to: navigation, search
Trezor WikiGlossaryGeneral technical termsSecurityTwo-factor authentication

Two-factor authentication (or shortly 2FA) provides an added level of security to an account. Two-factor authentication utilizes a second factor, typically in addition to a password, to confirm a user's identity and verify that a command originated from the rightful owner. For example, a commonly used method for two-factor authentication is entering a unique one-time code that has been generated by an external phone app, a dedicated hardware device or received through SMS.

Each Trezor device can be used for two-factor authentication with external services. Trezor devices support the Universal Second Factor (U2F) method, which is a widely supported standard for two-factor authentication. The secrets used in U2F are stored locally on the Trezor device and never leave the device, allowing for a high level of security. Trezor two-factor authentication can be used to secure any online account that supports U2F. Note that all secrets stored on your Trezor device are derived from your recovery seed, which is an essential part of your wallet backup.

See also: Phishing (basic) & PIN (basic) - U2F (advanced)