Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
An identity token is a portable piece of hardware that a user carries and uses to access a network. The token aids in proving the user's identity and authenticating that user for the use of a service.
An identity token is more often referred to as a security token or an authentication token.
A security token can be made of a smart card that is part of a key fob and provides two-factor authentication. This means that there are two different security methods that the user is implementing to prove his or her identity. The first is a PIN that the user enters. This authorizes the use of the token, which will display a number, often called a one-time password. This allows the user to access the service. This number will change often, such as every few minutes, or even more often, to increase security. Tokens are safer to use than passwords, which provide only one layer of security, do not change very often, and are easily compromised. For example, someone could write down their password and leave it where someone else can find it and use it. People often also pick passwords that are easily guessed, such as the name of a household pet or a dictionary word, which can be cracked with software.
Tokens can be used to confirm identity to gain access to email, networks, intranets and extranets, desktops, Web servers and more.
One of the difficulties with security tokens is getting user buy-in to use them. Users do not want to carry around an additional device, especially since they may need to carry a number of tokens for each account they use. Another disadvantage of tokens is that they are small and easy to lose. This causes more work for the company, which has replace the devices.