Which of the following is the WEAKEST authentication mechanism? 

Answer options:

A. Passphrases
B. Passwords
C. One-time passwords
D. Token devices

B

Most of the time users usually choose passwords which can be guessed , hence passwords is the BEST answer out of the choices listed above. The following answers are incorrect because : Passphrases is incorrect as it is more secure than a password because it is longer. One-time passwords is incorrect as the name states , it is good for only once and cannot be reused. Token devices is incorrect as this is also a password generator and is an one time password mechanism. Reference : Shon Harris AIO v3 , Chapter-4 : Access Control , Page : 139 , 142.