It goes without saying in the IAM space that security exists on a spectrum. On one side is the utmost protection of secrets at all costs. On the other side is ultimate usability. How can we build something that leverages strong multi-factor authentication while remaining something customers of all skill levels are comfortable using? We continue to find success in investing in building a user-centric solution that handles best-in-class multi-factor security across a wide range of customer use cases. Historically, many companies including Duo have focused on finding solutions to the question of, “how can we make password-based auth more secure?” Second-factor authentication methods like SMS onetime passcodes, time-based one-time passcodes, and Duo Push have incrementally improved our customers’ security posture by adding a “something you have” factor to a password’s “something you know.” But despite our best efforts.