Sometimes just a password is not enough to protect your account. Multi-factor authentication provides an additional layer of protection to your accounts and information. Methods of implementing this protection includes the use of a key or code generated by an automated system, an app that expires after a certain amount of time, and security questions.
This ensures that if your password is compromised, an attacker will not be able to get into the associated account easily. They will need a given key or code, as mentioned above, in order to complete the login.
Popular services and websites that utilize multi-factor authentication include:
An example of multi-factor authentication used by Google is the addition of a code that is texted to you after the initial login. If the machine from which the login is taking place is not one that was used recently, the additional layer of security is implemented. Unless the attacker has your phone as well, your account will remain inaccessible.
This is not a sure-fire solution though as some websites will email you the code, and if you reuse the same password for your email and the attacker was able to get into your email account, then the additional layer of security is moot.
Consider utilizing protection beyond a username and password. Many other websites now offer additional ways to protect your information and accounts. Also make sure you do not reuse passwords for multiple accounts to further strengthen the security on your accounts.