Three-factor authentication (3FA) is the use of identity-verifying credentials from
three different kinds of authentication elements, usually knowledge, possession, and inherence.
Authentication factors are traditionally divided into three groups:
Things a user must know in order to log in are known as knowledge factors. This includes user names, IDs,
passwords, and personal identification numbers (PINs).
Anything a user must have in his possession to log in is considered a possession factor. One-time password tokens (OTP tokens), key fobs, smartphones with OTP apps, employee ID cards, and
SIM cards all fall under this category.
Any biological qualities that the user possesses that are confirmed for log in are considered inheritance factors. Biometrics such as retina scans, iris scans,
fingerprint scans, finger vein scans, facial recognition, voice recognition, hand geometry, and even earlobe geometry fall under this category.