Authentication factors are categorized into three types:

1. Something you know (Knowledge factors):
   • Passwords, PINs, security questions
   • Passphrases, secret keys
2. Something you have (Possession factors):
   • Smartphones with authenticator apps
   • Hardware tokens, smart cards
   • SMS tokens, email confirmations
3. Something you are (Inherence factors):
   • Fingerprints, facial recognition
   • Retina scans, voice patterns
   • Behavioral biometrics (typing patterns)
     Multi-Factor Authentication (MFA) combines two or more of these factors to enhance security. For example, using a password (knowledge) + SMS code (possession) provides stronger security than password alone.