What is Token?

Understanding Token

A physical device that helps authenticate a user by supplementing or replacing the password. A token is a physical or digital object that represents a right to access a system or service typically used for authentication. Physical tokens include smart cards USB devices key fobs and hardware security keys while digital tokens include one-time passwords software-generated codes and cryptographic certificates. Tokens strengthen authentication by adding something you have to the verification process. Token authentication is addressed in standards like NIST SP 800-63 ISO 27001 and various regulatory frameworks. Organizations implement tokens through authentication systems identity management platforms public key infrastructure and token lifecycle management. For example a financial institution might issue hardware tokens to employees that generate one-time passwords for accessing sensitive systems requiring both the physical token something you have and a PIN something you know providing stronger multi-factor authentication compared to passwords alone. Related terms Authentication factor Hardware token Software token One-time password OTP Multi-factor authentication Smart card TOTP Cryptographic token FIDO U2F.