Cloud Guard has added the "Local user authenticated without MFA" rule to its OCI Activity Detector recipe. This rule alerts you when a user is authenticated with only a single authentication factor, such as a password. For particularly sensitive resources, a security best practice is to require a second authentication factor, such as supplying a code that's sent to the udeer's email address or phone number. See Local user authenticated without MFA.