Hardware tokens are which type of factor of authentication?

Hardware tokens are classified as "something you have" in the context of authentication factors. These tokens are physical devices that generate a one-time password or provide access to a system. The primary function of a hardware token is to establish proof of identity based on possession, meaning the user must physically have the token in their possession to successfully authenticate.

This method enhances security by requiring an additional layer beyond simply entering a password, as possession of the token is necessary to gain access. Without the token, even if someone knows the username and password, they cannot complete the authentication process. By relying on a tangible item that the user must have in their control, hardware tokens mitigate the risks associated with trade secrets or personal identification.

The other factors highlight different forms of authentication: knowledge-based (like passwords), biometrics (like fingerprints), and actions (like typing patterns), which do not apply in this scenario. Thus, the classification of hardware tokens as "something you have" effectively captures their role in secure authentication processes.