To access certain data or services, a user may be asked to provide appropriate credentials, such as an account identifier and a correct corresponding password. To prevent unauthorized access using the credentials (e.g., if the credentials are obtained by an unauthorized third-party), the user may be asked to provide additional data and or perform one or more actions (e.g., provide multifactor authentication). For example, the user may be asked to provide certain data associated with the user (e.g., a name of a family member, a residence address, a telephone number, additional account details, etc.) to verify that the credentials are being presented by the correct user. In another example, data may be sent via a short messaging service (SMS), e-mail, or other message to a device associated with the user, and the user may be asked to provide the data in connection with the credentials to verify that the credentials are being sent from the device associated with the user.