...
First factor: A knowledge-based authentication factor (i.e., “something you know”) or an inherent authentication factor (i.e., “something you are") authentication factor used by the Subject together with a second factor to form a multi-factor. Traditionally the knowledge-based factor is the password used used for single-factor authentication. An inherent authentication factor can not be used as a standalone single-factor.
Second factor: A independent possession-based authentication factor (i.e., “something you have”) that authentication factor that is used in addition to the Subject's first factor in order to provide the Subject with the ability to use multi-factor authentication.
Full multi-factor: A complete new set of credentials assigned to the Subject in order to provide the Subject with the ability to use multi-factor authentication. This new set of credentials is by itself composed of at least two dependent factors (e.g. a smart card) and does not depend in any way on the normally used memorised secretknowledge-based authentication factor, i.e. a password, belonging to the Subject.
...
Second factor (used together with a memorised secret or a biometricknowledge-based or an inherent authentication factor)
- Single-Factor OTP Device
- Single-Factor Cryptographic Software
- Single-Factor Cryptographic Device
...