Common Factors (by security level)
- SMS (with verification code)
- One Time Pass (via Google Authenticator / Authy / AdHoc via email)
- Push Notification to an App
Functional Requirements:
- On First Time Login, user is prompted with the most secure factor available
- MFA/2FA Trigger can be by different IP detected, Non-existing cookie, etc..
Created on 2/24/2020