LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What are the three factors in Multi-Factor Authentication (MFA)?

Something you KNOW (password/PIN), something you HAVE (phone/token), and something you ARE (biometric) — MFA combines 2+ from DIFFERENT categories.

MFA hub fanning to know (password/PIN), have (phone/token), are (fingerprint/face).

* MFA combines 2+ factors from different categories — something you know, have, and are. *

Factor Type Examples
Something you KNOW Knowledge Password, PIN, security questions
Something you HAVE Possession Phone, hardware token, smart card
Something you ARE Biometric Fingerprint, face, iris

Mnemonic: "Know-Have-Are" or "KHA"

Valid MFA examples:

  • Password (know) + SMS code (have) ✓
  • Password (know) + fingerprint (are) ✓
  • Badge (have) + PIN (know) ✓

NOT MFA:

  • Two passwords ✗ (both "know")
  • Password + security question ✗ (both "know")

Tip: SMS is weakest "have" factor (SIM swapping attacks). Hardware tokens or authenticator apps are stronger.

Go deeper:

From Quiz: SPRG / Authentication & Session Management | Updated: Jul 14, 2026