A company is implementing multifactor authentication for their VPN access. Which of the following would be considered the BEST 'something you have' factor?
An SMS text message sent to the user's phone.
A smartphone with a biometric lock.
A password written down on a piece of paper.
A security token generating one-time codes.