What is referred to as "something you have" in network security?

In network security, the term "something you have" pertains to physical objects or unique digital assets that a user possesses, which can be used to authenticate their identity. Tokens and certificates are classic examples of these assets. They can take the form of smart cards, key fobs, or digital certificates stored on a device. When a user presents a token or certificate as part of a multi-factor authentication process, they demonstrate physical possession of the item, enhancing the security of access control measures.

This concept is associated with one of the three factors of authentication: something you know (passwords), something you have (tokens and certificates), and something you are (biometric identifiers). By utilizing "something you have," security systems can ensure that even if a password is compromised, an unauthorized user still would not be able to gain access without also possessing the physical token or certificate. This dual-layer of security significantly mitigates risks of unauthorized access.