Definition

soft token

Contributor(s): Matthew Haughn

A soft token is a software-based security token that generates a single-use login PIN.

Traditionally, a security token has been a hardware device that produces a new, secure and individual PIN for each use and displays it on a built-in LCD display. The system may activate after the user presses a button or enters an initial PIN. Security tokens are generally used in environments with higher security requirements as part of a multifactor authentication system. While the hardware-based systems are more secure, they are also costly and difficult to deploy on a large scale, as is required for online banking, for example.

Soft tokens are an attempt to replicate the security advantages of multifactor authentication, while simplifying distribution and lowering costs.  A smartphone soft token app performs the same task as a hardware-based security token. Like a hardware token, a smartphone provides an easy-to-protect and easy-to-remember location for secure login information: on the device itself. Unlike a hardware token, smartphones are connected devices, which make them inherently less secure. The extent of their security largely depends on the device’s operating system and client software.

This was last updated in December 2014

Continue Reading About soft token

Dig Deeper on Web Authentication and Access Control

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close