Multi-factor authentication (MFA) is the correct choice because it provides an additional layer of security by requiring two or more verification methods—a password, a phone call, a text message, or a verification app. MFA does not significantly impact user experience after initial setup and offers a substantial increase in account security. Single sign-on (SSO) simplifies user access by reducing password fatigue, but it does not in itself provide an additional verification layer. Passwordless authentication eliminates the need for a password but it is focused on user convenience rather than adding an additional verification step.