Two-factor authentication adds another layer of security protection to a user's account. Take your email account, for example. What's normally required for you to log in are your username and password. That is called a single-factor authentication. A second-factor authentication or 2FA requires the user to provide two out of the types of verification.
Something you know, such as your password, PIN, or a pattern
Something you have, including ATM cards, fob, or phone
Something you are, like your fingerprint, voice, or biometric.
Basic authentication with just one touch -- a simple "Yes" or "No ."
Tried and tested private and public key pair for mutual and message authorization.
Out-of-band verification that serves as a shield against phishing and man-in-the-middle attack or MITM attacks.