For years, users accessed sites on the cloud by providing a username and password. Unfortunately, hackers always actively try to compromise such user credentials. To provide an additional level of security, many sites today leverage multifactor authentication (MFA) a process that requires a user to provide two or more forms of identification before they can access the system. One of the most common MFA approaches is for the site to send a code to the user’s cell phone which the user must then enter within a prompt on the site. Other forms of identification include biometrics, such as facial or fingerprint recognition. FIGURE 5-4 illustrates the MFA process.