a cloud-based hardware processor; and

the cloud-based hardware processor executes instructions that cause the cloud-based hardware processor to perform operations comprising:

integrating a representational state transfer (REST) interface into a first factor authenticator of an online system to provide second factor authentications for users to the online system;

receiving user identifiers through the REST interface from the first factor authenticator for the users who are authenticated for access to the online system using first factors by the first factor authenticator;

generating user-specific and non-repeatably user-activity challenges and expected responses for the users from aggregated activity data maintained for each user, wherein the user specific and non-repeatably user-activity challenges and expected responses for the users are maintained from aggregated activity data for each user, wherein the user specific and non-repeatably user-activity challenges are generated based on recent in time activities of the users;

providing the user-specific and non-repeatable user-activity challenges to the first factor authenticator through the REST interface;

receiving user-provided responses through the REST interface from the first actor authenticator; and

providing authentication messages through the REST interface to the first factor authenticator indicating whether each of the user-provided responses matched or did not match the corresponding expected response for a corresponding second factor authentication of the corresponding user for granting or for denying access to the online system.