A developer is designing a very sensitive web application that will be accessed by both desktop
web browsers and mobile Android applications. What is one way the developer can implement a
multi-factor authentication system for these users?
A.
Have the user memorize a PIN in addition to their password and require them to supply both
when attempting to log in.
B.
Have the user answer a security question once they authenticate using their username and
password.
C.
Require a one-time-use code sent via an SMS message in addition to a username and
password.
D.
Have the user supply their last password in addition to their current password when they
attempt to log in.
Explanation: