Two-factor authentication译法

And why "two factors" only? A now common generalisation is the "multifactor authentication" (MFA). 2FA is its minimal implementation that just includes a secondary channel to authorize an authentication actually made on a primary site. And MFA is not limited to the web: it can be used to any service (including hardware) that has some means to perform other checks than jsut the primary access method. E.g., it can use biometrics like fingerprints, retina, face recognition, or handheld devices (not necessarily connected to the Internet, it could be a RFID chip, possibly implanted in the body, commonly found for authenticating demestic pets, or breed animals in farming, it can also authenticate material devices, or food/beverage, or shippings, or vehicles, and not just people); secondary authentication is not necessarily electronic (e.g. using a third party service in person, or a hardware seal).

The number of mechanism is not limited, each one having its strengths and weaknesses, but difficult to fool simultaneously as the means are using very different technics.

The most common 2FA mechanims used today are emails (cheapest, but weakest if emails are not themselves strongly signed by certificates or PGP), SMS or voice calls (reliable if the phone operator authenticate the caller/sender, but still not across international boundaries as the routed phone numbers can be arbitrarily set and not all phone operators of the recipient remove faked/unauthenticated caller numbers, due to lack of international support in existing basic ITU protocols used by phone gateways; this is reliable only for domestic calls/messages sent from inside the same country and if the national regulator has enforced this required authentication for all operators, i.e. only inside the European Union and for "geographic" or "mobile" number ranges, excluding special ranges for VoIP and temporary/prepaid mobile numbers and all numbers that are not properly registered in a public diary).