A customer is transitioning an existing corporate application from an on-premises data center to Google Cloud Platform. The business owners require this migration to cause minimal disruption to users. Additionally, the security team has strict requirements for protecting password storage. Considering these factors, what authentication strategy should they use?