A two-step verification implemented to better protect both a users credentials and the resources the user can access. User is granted access to certain resources such as web or application only after successfully presenting evidence to an authentication mechanism.