Banks have been using Two Factor Authentication for a long time now. Some banks require entering a token during login, others only need it for money transfers. In the recent months, with growing cases of user account hacking, many online services are implementing Two Factor Authentication. The popular ones are GMail, Dropbox and Amazon AWS. But recently Facebook announced Two Factor Authentication support. The Facebook iOS/Android app acts as a soft-token and users that don’t have a smartphone, can use SMS to receive their tokens upon login. I think this is a good move, since a Facebook account acts as a persons identity due to all the personal information fed into accounts. But does Two Factor Authentication solve the problem? Can hackers not hijack account with Two Factor Authentication enabled? The answer is obviously No. It does make hijacking accounts much more difficult by adding a barrier and might make it not worth the while to hijack an account. But having a strong password along with Two Factor Authentication does make an account slightly more secure.
Evernote had also been hacked recently and is currently forcing password resets on all accounts. They are also going to introduce Two Factor Authentication very soon.