What is Two Factor Authentication?

Two-factor authentication adds another layer of security to your data. It is based on the principle of identifying yourself by both something you know (your password) and something you have. The "something you have" is your phone or a device that generates a unique, time-limited authorisation code or One Time Password. Even if someone knows your password, they still can't access your data, as they also need the device to generate the access code. The code is unique to you and to the device generating it. It is time limited, resetting after 30 seconds, which prevents the code from being guessed.

With Two Factor enabled, when you log in with your password, you will be asked to provide a second authentication by means of a code generated on your phone. Only if the code matches the expected value for the time of request will access be granted.
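
The check described above, as an added example (not this site's own code): assuming the codes are standard TOTP (RFC 6238), which is what Authy and Google Authenticator generate, the server recomputes the code from the shared secret and the time of the request. The function names, the six-digit length, the one-window clock-skew allowance and the replay check are assumptions.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30   # seconds each code stays valid, as described above
DIGITS = 6  # assumed code length (the usual authenticator-app default)
# Constructed sample: the published RFC 6238 test key, not a real secret.
SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def totp(secret_b32, at, digits=DIGITS):
    """Code for the 30-second window containing Unix time `at` (HMAC-SHA1)."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = struct.pack(">Q", at // STEP)           # window number, 8 bytes
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                            # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, submitted, at, last_used_step=-1, drift=1):
    """Return the matched window number, or None if the code is rejected."""
    if len(submitted) != DIGITS or not (submitted.isascii() and submitted.isdigit()):
        return None
    current = at // STEP
    matched = None
    # drift=1 also accepts the neighbouring windows to tolerate phone clock skew.
    for step in range(current - drift, current + drift + 1):
        expected = totp(secret_b32, step * STEP)
        # Constant-time compare, and refuse a window that was already accepted
        # so a code seen over the user's shoulder cannot be replayed.
        if hmac.compare_digest(expected, submitted) and step > last_used_step:
            matched = step
    return matched


if __name__ == "__main__":
    print(totp(SECRET, 59))                               # code at t=59
    print(verify(SECRET, "287082", 59, drift=0))          # accepted: window 1
    print(verify(SECRET, "287082", 59, 1, drift=0))       # replay: None
    print(verify(SECRET, "287082", 1111111109, drift=0))  # wrong time: None
```

The caller stores the returned window number per user and passes it back as `last_used_step` on the next login.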

You can set it up from your profile page. You need a phone (Android or iOS) and an app to generate codes. One such app is Authy; another is Google Authenticator. Both are free. Authy synchronises across multiple devices as a backup and includes PIN/Touch ID authentication for added security.

To set it up you just need to scan the QR code shown on the screen or enter a unique code, and that is it.
