Two-factor authentication adds an extra layer of security by requiring users to provide a second form of authentication, such as a code sent to their phone, in addition to their password.