2FA stands for two-factor authentication. It’s that annoying extra step when you’re signing in to a website, app, or account, and after entering your password, you get a screen that says, “Ah, just one more thing…”

Then you’re typically sent a code via text or email. It can be time-consuming and clunky. It’s not uncommon for me to run into a website in which the code never arrives, leaving me trapped in a limbo where I can’t log in. Other times, it’s just clumsy to toggle back and forth between the email and login screens.

There’s another way: the 2FA app. It’s even more secure, gets hung up on technical issues less often (in my experience), and is free.

What the apps do

First, you download your 2FA app of choice to your phone. When you want to connect an account (that supports a 2FA app), you follow the on-screen directions to add the account to your 2FA app. It usually involves scanning a QR code displayed on the screen.

Boom. Your account is now linked to the app. There are a few different 2FA apps out there, but they all function and look more or less the same. There’s a screen of constantly refreshing numerical codes that regenerate every minute or so.

When you go to log in to an account, rather than text or email you a code, it’ll ask you to input the code from your 2FA app. You open the app, look at the code next to the linked account, and type it into the text field.

Sometimes you’ll open the app just as the cycle ends. Just wait until it renews. This constant rotation of randomly generated codes makes the 2FA particularly secure, because a hacker can’t just steal the code and use it to access your account. By the time they could, it’d be out of date.

