Fix industry concepts in strong sign-in workflows

Author: jonathanfrappier

content/well-architected-framework/docs/docs/secure-systems/identity-access-management/implement-strong-sign-in-workflows.mdx

@@ -12,7 +12,19 @@ breaches.
 
 ## What are strong sign-in workflows
 
-Strong sign-in workflows involve a combination of techniques and technologies to verify a user's identity before granting access to systems. Strong sign-in workflows typically consist of **something you know** - such as a password, and **something you have** - like a physical key. Strong sign-in workflows include multi-factor authentication (MFA), biometric authentication, and adaptive authentication.
+Strong sign-in workflows involve a combination of techniques and technologies to
+verify a user's identity before granting access to systems. Strong sign-in
+workflows typically consist of **something you know** - such as a password,
+**something you have** - like a hardware token or smart card, and **something
+you are** - such as a fingerprint or facial recognition. Strong sign-in
+workflows include:
+
+- **Multi-factor authentication (MFA)**: Combination of one or more sign-in factors
+  to verify a user's identity.
+- **Biometric authentication**: Use of unique biological traits, such as
+  fingerprints or facial recognition, to verify a user's identity.
+- **Adaptive authentication**: Contextual authentication that adjusts the level
+  of verification based on user behavior and risk factors.
 
 <VideoEmbed url="https://www.youtube.com/watch?v=L3alw3iXaio"/>
 
@@ -25,7 +37,9 @@ should not have access to. It does not, however, ensure that unauthorized users
 have not improperly gained access to credentials that allow authentication to
 those systems or data.
 
-When you implement strong sign-in workflows, you add another layer of security by validating the identity of users before granting access. When you combine strong sign-in workflows with [centralized identity
+When you implement strong sign-in workflows, you add another layer of security
+by validating the identity of users before granting access. When you combine
+strong sign-in workflows with [centralized identity 
 management](/secure-systems/identity-access-management/centralize-identity-management),
 you have an authentication model that ensures authorized users have access to systems.
 
@@ -37,6 +51,11 @@ providers like Okta.
 
 <VideoEmbed url="https://www.youtube.com/watch?v=lBImG1mbSLs"/>
 
+HashiCorp Consul service mesh allows you to securely connect services across
+multiple runtime platforms. Consul supports mutual Transport Layer Security
+(mTLS) authentication, which provides strong service-to-service authentication
+within the service mesh.
+
 HashiCorp resources:
 
 - [Multi-factor authentication with HCP](/hcp/docs/hcp/iam/mfa)
@@ -65,8 +84,8 @@ identity and access management program.
 
 In this section of **Identity and access management** you learned why you should
 use strong sign-in workflows in conjunction with [centralized identity
-management](/secure-systems/identity-access-management/centralize-identity-management)
+management](/well-architected-framework/secure-systems/identity-access-management/centralize-identity-management)
 and policies that follow the [principle of least
-privilege](secure-systems/identity-access-management/grant-least-privilege).
+privilege](/well-architected-framework/secure-systems/identity-access-management/grant-least-privilege).
 Identity and access management is part of the [Secure
 systems](/well-architected-framework/secure-systems) pillar.