Authentication is broken, and longer, stronger passwords combined with first-generation MFA will not save the day. Hopefully, this is no longer controversial. We have over a decade's worth of data showing how most successful breaches involve stolen credentials. Now we are witnessing a rapidly rising number of breaches bypassing existing MFA. It is beyond time to address this problem head-on, but what are the key requirements for MFA that is up to the task? While the situation is dire, this will be a very hopeful view of the path forward. Help IS on the way!