The correct matching of the MFA factors to their examples is as follows:

Entering a one-time security code sent to your device after logging in: Possession

Holding your phone to your face to be recognized: Inherence

Specifying your user name and password to log on to a service: Knowledge

Here’s why each factor matches the example:

Possession: This factor is something the user has, like a mobile device. A one-time security code sent to this device falls under this category.

Inherence: This factor is something the user is, such as a biometric characteristic. Facial recognition using a phone is an example of this factor.

Knowledge: This factor is something the user knows, like a password or PIN.

Multi-Factor Authentication (MFA) enhances security by requiring two or more of these factors to verify a user’s identity before granting access.

Entering a one-time security code sent to your device after logging in.

Factor: Possession

Explanation: This factor relates to something you have, such as a device that receives a security code.

Holding your phone to your face to be recognized.

Factor: Inference (typically referred to as Inherence or Biometric)

Explanation: This factor relates to something you are, such as biometric authentication like facial recognition.

Specifying your username and password to log on to a service.

Factor: Knowledge

Explanation: This factor relates to something you know, such as a username and password.

Possession Factor: This involves something the user has in their possession. Receiving a one-time security code on a device (e.g., phone) is an example of this.

Inference Factor (Inherence/Biometric): This involves something inherent to the user, such as biometric verification (e.g., facial recognition or fingerprint scanning).

Knowledge Factor: This involves something the user knows, such as login credentials (username and password).

References:

Multi-Factor Authentication (MFA) Explained: MFA Guide

Understanding Authentication Factors: Authentication Factors