Multi-factor authentication is the process of verifying identity using at least two independent factors including what a person knows/possesses. The following are common factors that are used in multi-factor authentication processes.

Passcode

A numeric password such as a personal identification number (PIN).

Password

A user created string of characters

Challenge/Response

Answers to challenge questions that may include obscure personal information

Magnetic Stripe Cards

Cards that contain data such as identification numbers written on magnetic storage media. May include other security features such as an employee ID card with a photo on the front.

Card Security Codes

Codes that are physically written on a card. Users are asked to input the code to show they are in possession of the card.

Smart Cards

Cards that have embedded computing capabilities that t ypically include authentication credentials such as public key certificates.

Security Tokens

Hardware such as a USB device or mobile phone that generate time-synchronized tokens based on a shared key with an authentication service. Such devices may directly interface with authentication services. ALternatively, they may displacy a time-synchonized one-time password for users to input.