Multi-Factor Authentication (MFA) is used by many online systems as an extra layer of security.
MFA usually requires someone to enter a one-time security code whenever they sign into their account. This code might be delivered via an email, text message or authenticator app.
Without MFA, an unauthorised person could sign into a user's account if they know (or guess) their password. However, once MFA is enabled, the password alone is not sufficient - they also need access to the one-time security code.