Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
A physical device that helps authenticate a user by supplementing or replacing the password.
Token Definition: A physical device that helps authenticate a user by supplementing or replacing the password.
A physical device that helps authenticate a user by supplementing or replacing the password. A token is a physical or digital object that represents a right to access a system or service, typically used for authentication. Physical tokens include smart cards, USB devices, key fobs, and hardware security keys, while digital tokens include one-time passwords, software-generated codes, and cryptographic certificates. Tokens strengthen authentication by adding something you have to the verification process. Token authentication is addressed in standards like NIST SP 800-63, ISO 27001, and various regulatory frameworks. Organizations implement tokens through authentication systems, identity management platforms, public key infrastructure, and token lifecycle management. For example, a financial institution might issue hardware tokens to employees that generate one-time passwords for accessing sensitive systems, requiring both the physical token (something you have) and a PIN (something you know), providing stronger multi-factor authentication compared to passwords alone. Related terms: Authentication factor, Hardware token, Software token, One-time password (OTP), Multi-factor authentication, Smart card, TOTP, Cryptographic token, FIDO U2F.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →