The Multi-Factor Factor (or How to Manage Authentication Risk)
When CISOs do threat modeling, we come up with all sorts of attacks and more. Then we have to pick the controls that address as many of the risks as possible, and factor in all of the factors to allow authentication.