Types of user authentication available as of 2015 include password log-ins, single-use passwords sent to a device and biometrics. These three forms of authentication make up the three general categories commonly used today, and they are referred to as "what you know," "what you have" and "what you are."
A single password sign-on is a form of "what you know" authentication. It encrypts information the user already possesses. It is considered the weakest form because it can be easily communicated.
A single-use password sent to a device is safer because it uses "what you have." However, through use of spyware or other forms of infiltration, it is possible for someone else to gain access to a user's device.
Biometrics is in the "what you are" category. It uses a fingerprint or scan of another body part to authenticate.