What does single-factor authentication typically consist of?

Single-factor authentication is typically characterized by the use of a single piece of evidence to verify a user's identity. The most common form of single-factor authentication is a username combined with a password. This method relies on the user providing something they know (the password) alongside their identifier (the username) to access a system or service.

In the context of the other options, alternative methods such as a one-time code, biometric identification like a fingerprint, or a physical device like a card reader introduce additional elements that move beyond single-factor authentication. For example:

• A one-time code, combined with a password, constitutes two-factor authentication, as it involves both a password (something the user knows) and a dynamically generated code (which could be considered something the user has).
• A fingerprint, paired with a password, incorporates biometric authentication, which is a different layer of security beyond single-factor authentication.
• A card reader and a phone suggests the use of physical tokens or devices, which also aligns with multi-factor authentication since it involves multiple different types of evidence.

Thus, the option that represents the simplest and most common form of single-factor authentication is indeed a username and a password.