Challenge Response nonce that was generated and sent to client.
After it has been validated, it will removed from session, in order to prevent replay attacks.
Whether recaptcha is required in order to complete authentication.
After recaptcha has been verified, this property will be removed from session.
Two factor authentication token that was generated and sent to client.
After it has been validated, it will removed from session, in order to prevent replay attacks.
Session which holds the current authentication made by user from a concrete device.