Possession-based authentication like key fobs is an example of which factor?

Authentication factors are grouped by what the user must provide. A key fob is a physical object you carry, so it’s a classic example of something you have. This category covers tokens, smart cards, and other hardware devices used to prove you possess them. Other categories are something you know (like a password or PIN), something you are (biometrics such as fingerprints), and something you do (behavioral patterns like typing speed). So a key fob demonstrates possession rather than knowledge, inherent traits, or actions, which is why it’s the correct choice. In practice, such a factor is often used alongside another factor to form multi-factor authentication, strengthening security if the device is lost or stolen.