An organization is implementing a VPN solution for remote employees. To enhance security, the IT department wants to ensure that access is granted not only based on something the user knows, such as a password, but also on something the user has. Which of the following methods should be used?
MAC address filtering
Hardware token with a password
Software token with a password
User password only