90% of employee passwords can be cracked within six hours. 65% use the same password across multiple platforms. With two-factor authentication, the attacker must have access to the account holder’s physical device (mobile phone) along with login credentials in order to receive a security code that will grant access to the account.