Authentication is usually based on one of three factors:
Many sites require only one form of identification for you to gain access, and that's usually your password (along with your username, of course). Multi-factor authentication requires the user to present items from at least two of the above groups before granting access.
Banks have been using it for years (you need your ATM card and your PIN to access your account). Multi-factor authentication (also referred to as strong authentication) is now gaining popularity because it adds an additional layer of security.
So, if an attacker steals your username and password to a site in which you have set up multi-factor authentication, it would do him no good. If he tried to access that site, he could log in only from a device associated with your account (something you have). As soon as he tried to login, you'd receive an email or text alert notifying you that someone has tried to sign in with an unauthorized device.
Popular sites like Facebook, Twitter and Gmail have all made multi-factor authentication available to their users, so this is something you can take advantage of now if you use those services. Technology Services is implementing multi-factor authentication for use at Tulane.