Approaches for performing a multiple level authentication on an entity are provided. A primary authentication credential and a secondary authentication credential may be established for a user account. The primary authentication credential uniquely identifies a particular account of the software application. The secondary authentication credential uniquely identifies an entity, such as a user, application, or device, authorized to use the particular user account. Upon receiving a request to access the software application using the particular user account, a determination is made as to whether the request is accompanied by the primary authentication credentials and a secondary authentication credential associated with the particular user account. Upon determining that the request is accompanied by valid primary and secondary authentication credentials for the user account, limited access, based upon the secondary authentication credential, to the software application using the particular user account is granted.