Abstract
Two-factor authentication provides a straightforward way to increase the security of online systems and resources, and implementing the technology requires cultural as well as technical change. This paper highlights best practices shared by information security professionals who have implemented 2FA to increase security at their institutions.