Heron realizing the common multi-factor authentication are easily guessed or forged:

Something you know – password, etc
Something you have – authentication token, etc
Something you are – fingerprint, etc

and that is proposing the following additional options, which are harder for attackers to guess:

Some place you’ve been
Some problematic belief you hold
Something you said that you immediately regretted
Some of your failed hopes and dreams, cast aside in the journey to adulthood
Some other time, login later
Sum total of your assets
Summa summarum, more factors are needed