Two-factor authentication (2FA), also known as multi-factor authentication (MFA), comes in many flavors. But not all are created equal. Best practices should involve at least two selections from this list: FIDOU2F hardware keys, one-time passwords (OTP), and recovery codes.
