An authentication code is something you know that authenticates you.
During World War II, American soldiers in Europe would ask strangers cultural questions like “Who won the 1940 World Series?” on the assumption that German soldiers wouldn’t know the answer, but every American would.
The biggest vulnerability is that the secret can be transmitted, learned, or stolen.
This is a group identification because knowledge can be shared.
Beware of lousy authentication code, your mother’s maiden name is a authentication code but very lousy because it's considered public