> How is this more secure than say, having a secondary password field in the main app?
Because the second “password” isn’t something that you memorize. It’s generated with some very complex math based on a secret “seed” value and the current time. It changes roughly every 30 seconds. If someone doesn’t have access to that secondary app, then they can’t get into the account even if they know your passwords.
>why only 2FA and not 3 or 5FA?
2FA stands for “two-factor authentication”, and there are only three “factors”:
* Something you know (i.e. a password)
* Something you have (i.e. the phone with the 2FA app installed on it)
* Something you are (i.e. biometrics)
You can have 3FA if you have to enter a password that you know, get an auth token from a device that you have, and scan your fingerprint. But 5FA isn’t a thing.
Latest Answers