Separation of privilege

Access to an object should depend on more than one condition, so that the failure or compromise of a single protection mechanism does not by itself grant an attacker access.

Example: MFA

Even if an attacker learns the password, they would still need the one-time code delivered to the user's phone.

References

  1. (Wheeler, 2021), https://dwheeler.com/secure-programs/Secure-Programs-HOWTO/follow-good-principles.html
  2. (Microsoft, 2021), https://techcommunity.microsoft.com/t5/azure-sql-blog/security-separation-of-privilege/ba-p/2393637