- Something you know. As an example, a user would know their username and password. This is considered the weakest form of authentication. One of the primary reasons is that users often use weak passwords or write their passwords down.
- Something you have. Smart cards and fobs are common examples. A smart card is a credit card sized card that holds key information about the user. Smart cards have certificates embedded in them using TLS and provide very strong authentication. A fob (sometimes called a token) has an LED display that shows a number that changes regularly, such as every 60 seconds. This number is synchronized with a server. When the user logs into a website, they enter the number shown on the display to verify they have the token. This factor is often combined with another factor to provide multifactor authentication.
- Something you are. Biometrics is used for this factor of authentication and is not only in movies. Biometrics is commonly used in many applications today. A common example is at theme parks like Disney World. It includes fingerprints, retinal scans, voice prints and even handwriting analysis. Biometrics is considered the strongest form of authentication, but also the most expensive.
- Someone may have a smart card and know a personal identification number (PIN), or
- Have a fob and know their username and password.