Trying other authentication methods when the first is invalid