This refers to the use of two separate pieces of information to verify a person’s identity.
This combines a static password with an external authentication device such as a hardware token that generates a randomly-generated one-time password, a smart card, an SMS message (where a mobile phone is the token] or a unique physical attribute like a fingerprint.