Once a user is identified, they need to prove that "they are who they say they are". This is the process of "authenticating" the user. There's a number of strategies a user can use to perform authentication, the most basic being the humble password. Other authentication strategies that Clerk provides, are sending an email_code or phone_code. This will send an email or an SMS message with a code, that the user then must provide in order to sign in.