A username and password are enough for many sites. This single-factor authentication is often used for retailers and other sites, but more sensitive information that’s guarded on a bank site or email will often require or suggest two-factor authentication. Hackers can access a lot of information with just a username and password, including a social security number, bank or credit card information, medical records, and more. On top of that, many people use a similar username and password across sites, so if a hacker gets one, they may get them all.
