two-step verification

Two-step verification is a process that involves two authentication methods performed one after the other to verify that someone or something requesting access is who or what they are declared to be. 

The difference between two-step verification and two-factor authentication:
Two-step verification is sometimes confused with two-factor authentication (2FA), which also involves two usually sequential methods used for verification. However, in contrast with 2FA processes, the methods in two-step verification can belong to the same category of authentication factors, and the methods used for 2FA aren't necessarily sequential. 

Furthermore, verification and authentication are not completely synonymous. Verification can be part of a real-world process -- providing a driver's license as proof of identity, for example. Authentication is considered an adaptation of verification processes designed to protect automated and online systems. 

Nevertheless, many two-step verification products and services are also examples of two-factor authentication. Google's 2-Step Verification service, for example, involves the usual password (something the user knows) and a code sent to the user's device (something the user has). Most other current web-based user authentication systems described as two-step verification also qualify as two-factor authentication.

This was last updated in December 2014

Continue Reading About two-step verification

Dig Deeper on Identity and access management

Enterprise Desktop
Cloud Computing