Two-step verification, otherwise known as two-factor authentication (2FA), is an Internet safety protocol designed to prevent a host of terrible things from happening to you — the scariest being a stolen identity, or even a pilfered investment. Since commerce began on the web, we’ve protected our most precious assets like credit card numbers and social security numbers with only one step of verification — most commonly a password. Passwords are inherently problematic since people often use the same passwords for various different sites, a habit that renders their personal information especially vulnerable; if a hacker encounters your password in one place, he’ll try to use it everywhere possible.
And as the trove of information that websites possess has gotten more desirable, hackers have gotten increasingly wily, and sites like Yahoo, Snapchat, and Dropbox have found themselves hacked, their user information compromised. Because of this, a second factor of verification proving you are who you say you are is now necessary. The second factor could be a lot of things — a fingerprint or an eye-scan even — but the most common form right now is what’s known as a verification code — a rapidly-expiring string of digits or code that a website will send to your phone or computer to input into a website or app as a second means of identification.