The need for strong user authentication for remote logon while at the same time maintaining a great user experience is increasing rapidly. One area in which this is particularly problematic is with native clients, such as virtual private network (VPN) clients. Native clients are especially challenging because, unlike web browser based logon where techniques may be used to detect passwords and interact with users, native clients have a rigid user interface and limit logon input fields to a username and a password without any detection capability. A problem arises when a user would like to receive a push notification instead of a one-time password (OTP) as a second-factor in two-step authentication. With only a username and password field at a logon screen of a native client, there has not been a clear way for a user to indicate his choice of receiving a push notification instead of using an OTP as a second method of authentication. Prior solutions have been non-intuitive and cumbersome for users to remember and implement.