What two-factor authentication actually is and why it matters
Two-factor authentication (2FA, also called MFA) means a password alone is no longer enough to get in. Here is the plain-English version and why it stops most account takeovers.
- Understand the idea: logging in needs something you know (your password) plus something you have (your phone) or something you are (your fingerprint or face).
- Recognise why it works: even if a scammer steals or guesses your password, they still cannot get in without the second factor sitting in your pocket.
- Know the common second factors: a code from an authenticator app, a prompt you approve on your phone, a hardware key, or a code sent by SMS.
- Treat email, banking, and Microsoft 365 as the priority accounts to protect first — they unlock or reset everything else.
- Accept the small daily cost: a few extra seconds at sign-in buys a very large reduction in risk. The Australian Cyber Security Centre (cyber.gov.au) recommends it on every account that offers it.
Still stuck after those?
You’ve done the right thing by trying. Send whedo.it a quick note — what you tried, what you saw — and a senior pair of eyes will be on it the same business day.