_CORE
Services
AI & Agentic Systems Core Information Systems Cloud & Platform Engineering Data Platform & Integration Security & Compliance QA, Testing & Observability IoT, Automation & Robotics Mobile & Digital
Industries
Banking & Finance Insurance Public Administration Defense & Security Healthcare Energy & Utilities Telco & Media Manufacturing Logistics & E-commerce Retail & Loyalty
References Technologies
Lab
Blog Know-how Tools
About Collaboration Careers
Language
CS EN
Let's talk

2FA/MFA: Why and How to Set Up

10. 10. 2025 1 min read intermediate

Password isn’t enough. 2FA is the best protection against account theft.

What Is 2FA

Something you know (password) + something you have (phone, HW key). Even if someone gets your password, they can’t log in without the second factor.

Methods (Most to Least Secure)

  1. Hardware key (YubiKey) — most resistant to phishing
  2. TOTP app (Authy, Aegis) — 6-digit code, offline
  3. Push notifications (Microsoft Authenticator) — convenient
  4. SMS — better than nothing, but SIM swap risk

Where to Enable 2FA

  • Email (HIGHEST priority!)
  • GitHub / GitLab
  • Cloud accounts (AWS, Azure, GCP)
  • Banking
  • Social networks
  • Password manager (meta-security)

Backup Codes

ALWAYS save backup/recovery codes. Without them you’ll lose access when you lose your phone. Store them in password manager or print them.

Minimum

TOTP app (Authy) on email + GitHub + cloud. YubiKey for paranoids. SMS only as last resort.

2famfasecurity
Share:

CORE SYSTEMS tým

Stavíme core systémy a AI agenty, které drží provoz. 15 let zkušeností s enterprise IT.

Všechny články

Další know-how

MFA Implementation — Multi-Factor Authentication

How to implement TOTP, WebAuthn/FIDO2, SMS fallback.

OWASP Top 10: Identification and Authentication Failures

Bezpečná autentizace — session management, MFA, ochrana proti credential stuffing.

Integrating Java applications with Active Directory

User authentication and authorization in Java EE via LDAP/Active Directory. JNDI, Spring Security.