In order to gain access to applications, systems, and/or other resources via a computer or another user device, users are often required to authenticate themselves by entering authentication information. Such authentication information may include, for example, passwords, secrets, and/or security tokens.
Application servers, for example, restrict such access by performing user authentication. The application server often delegates responsibility for the authentication to a remote authentication server (e.g., a username/password (U/P) authentication server) by sending an access request message to the remote authentication server. In a multi-factor authentication system, after the remote authentication server authenticates the user, the application server initiates additional authentication by sending a second access request message to a second remote authentication server. Such multi-factor authentication is processed sequentially, where a user must pass a previous authentication in order to attempt to pass a subsequent authentication.
A need remains for improved multi-factor authentication techniques that provide flexibility to adjust to changing environments and can accommodate non-binary authentication methods.