Passwords are lame. After all, the username\/password combination became the industry standard for online user identification more than two decades ago, but it has now become the weakest link in protecting our information.Stronger authentication? Sure, most people agree that we need it, given the scope of cyber security threats today. The constant threat of compromised credentials and brute force attacks that can lead to devastating security breaches for organizations.Effectiveness is all about balanceFor IT and security decision makers, authentication is always a balancing act. On the one hand, they need to ensure that a given user is really who he says he is before granting access to a network or a system. On the other, they want to reduce friction so that authentication doesn\u2019t negatively impact the user\u2019s experience.In response, we hear a lot of talk about two-factor authentication (2FA) as a potential solution. This method of confirming a user's claimed identity uses two different components to increase confidence in the identity of a user. Two-factor authentication technology has provided a useful means of managing network and application access for years, and has its benefits for certain applications.But 2FA is by no means perfect\u2014from either a security or user experience standpoint. It doesn\u2019t provide enterprises or users with a level of authentication flexibility that they want and need, and anyone who thinks traditional 2FA is a great user experience is kidding themselves.So where do we go from here? I always say, \u201cThe moment you begin to imagine something, it begins to exist.\u201d So, let\u2019s re-imagine authentication.Advances in authentication technology are enabling the market to move beyond 2FA. This includes the availability of dynamic multifactor authentication (MFA) solutions that enhance security, are risk aware, and at the same time deliver a frictionless customer experience to trusted customers.Mobile provides an inflection pointA March 2017 report by global research and advisory firm the Aite Group, \u201cMoving Beyond the Password: Consumers\u2019 Views on Authentication,\u201d points out that the increasing prevalence of smartphones and tablets \u201cprovides new opportunities to deploy stronger authentication mechanisms in a customer-friendly manner. In addition, inputting usernames and passwords in a mobile device is a clunky user experience, so many consumers willingly embrace biometrics and other technologies that are both easier and more secure.\u201dThis is good news in advancing the state of the art for multi-factor authentication. After all, the username\/password combination became the industry standard for online user identification more than two decades ago, but it has now become the weakest link in protecting our information.Modern authentication solutions are emerging, and they provide the balanced approach we\u2019ve been looking for - robust and context-aware security strong enough to protect a business and its customers, while also delivering an authentication experience that people will actually want to use.One of the key benefits of these newer authentication approaches is flexibility when it comes to authentication methods used. For example, users of dynamic multi-factor authentication can be authenticated by some combination of fingerprint scanning; graphical combination lock; proximity of a secondary, known device; geolocation; or a personal identification number (PIN). This allows a lot of flexibility and can accommodate \u201cmass market\u201d variety in a user population.As technology becomes more mainstream, a multi-factor approach can adapt to support new methods. Retinal scanning, facial recognition, heart rate scans, or even ambient noise can be used to authenticate a user.Free to be yourselfAnother interesting thing about this approach is the freedom it provides for users. Imagine a world where individual users can choose the authentication methods they\u2019re most comfortable with without requiring additional hardware or a drastic change in their habits.This kind of user choice might sound like it abdicates and enterprise\u2019s control over authentication. Not the way I imagine it \u2013 in my world, organization can still deploy varying methods of authentication based on perceived levels of risk.A large banking institution may want to require different levels of multi-factor authentication methods based on the risk of the activity being performed. For example, access to non-sensitive data might require nothing more than a single factor of authentication, or a combination of passive factors.The cool thing about this dynamic approach to authentication is just that \u2013 it\u2019s dynamic! The rigor of authentication needed could be based largely on context, not \u201cone size fits all,\u201d and can automatically adjust based on recognition of the device being used, as well as on available analytical data about past fraudulent or inappropriate behavior.Are you ready for the future?Dynamic, end-to-end authentication is the way of the future. Rather than rigid, constrained experiences, this approach provides more freedom.Organizations will have the ability to easily and automatically adapt to changing threat and risk conditions and provide authentication that achieves the appropriate level of assurance, based on real-time circumstances.End users will have a say in what\u2019s appropriate, and will feel like they don\u2019t have to jump through hoops to get what they want. This is how we get to that \u201cit just works\u201d feeling for authentication.Imagine this better world with me. The future is closer than you think, and the future of authentication is frictionless.