Using strong authentication
Strong authentication is a term that's widely used nowadays. What it means depends on the context where it is used. In general, strong authentication is about employing either two-factor or multiple-factor authentication to authenticate users.
As you learned in the previous sections, Keycloak provides the necessary capabilities to enable either 2FA or MFA for a realm. If your requirements for strong authentication only require the use of 2FA, you are good to go with either OTP or a security device when you're using WebAuthn.
However, MFA is probably the strongest form of authentication you can get, where biometric authorization is a key aspect of securely identifying and authenticating the user. In this case, you should consider using WebAuthn and setting up security devices to verify the identity of the user – using fingerprint scanning, for instance – to make sure the user using the device is indeed the user trying to authenticate...