What are the three factors of authentication?

The three authentication factors are something you know such as a password, PIN, or security question; something you have such as a smart card, hardware token, or mobile device; and something you are such as a fingerprint, retinal scan, or facial recognition, collectively called biometrics. Multi-factor authentication requires at least two different factors, not two instances of the same factor. Using a password and a PIN is single-factor because both are something you know. Using a password and a fingerprint is true multi-factor.