Two-step verification (also known as two-step authentication) is a process involving two stages to verify the identity of an entity trying to access services in a computer or in a network. This is a special case of a multi-factor authentication which involves the presentation of two or more of the three authentication factors: a knowledge factor, a possession factor, and an inherence factor.
To provide an everyday example: an automated teller machine (ATM) typically requires two-step verification. To prove that users are who they claim to be, the system requires two items: the ATM card (application of the possession factor) and the personal identification number (PIN) (application of the knowledge factor). In the case of a lost ATM card, the user's accounts are still safe; anyone who finds the card cannot withdraw money as they do not know the PIN. The same is true if the attacker has only knowledge of the PIN and does not have the card. This is what makes two-step verification more secure: there are two layers of security.
Google's two-step verification process
- The first step is to log in using the username and password. This is an application of the knowledge factor.
- The implementation of the second step requires a mobile phone which is an application of the possession factor. The user has to register his/her phone number with Google. When we attempt to authenticate with username and password, Google will send via SMS a new, unique code to the phone. This number is to be entered to complete the log in process. There is also an option to install an authentication software in the phone which generates a new code every 30 seconds.
Other sites offering two-step verification service
The following are some other sites which offer two-step verification service:
- Buffer_(application) 
- Jobber - Employee engagement
- Yahoo! Mail
- Alex Colon. "What is two-step authentication?". Retrieved 23 October 2013.
- "Two-Step Authentication". Stanford University. Retrieved 23 October 2013.
- James Tarala. "Two-Step Verification". Brown University. Retrieved 23 October 2013.
- "Google 2-Step Verification". Google. Retrieved 24 October 2013.
- "About 2-step verification". Google. Retrieved 24 October 2013.
- Whitson Gordon. "Here's Everywhere You Should Enable Two-Factor Authentication Right Now". Lifehacker. Retrieved 24 October 2013.
- Belle Beth Cooper. "Introducing 2 Step Login for Buffer: The safest social media publishing on the web". The Official Bufferapp Blog. Retrieved November 26th, 2013.
- Eric Doerr. "Microsoft Account Gets More Secure". The Official Microsoft Blog. Retrieved 24 October 2013.