Soft Token

A soft token, or software token, is a piece of software that authenticates a user as part of a multi-factor authentication system. The most common form of soft token is an authenticator app, which can generate one-time-use passwords that add a level of security beyond a regular username and password. They are similar to hard tokens but exist as software on a device instead of a piece of dedicated hardware.

Soft tokens allow you to use a smartphone (or other device) as a part of a multi-factor authentication process. First, the authentication server generates a secret key for you to enter into your authenticator app. Once the secret key is in place, the authenticator app can generate one-time-use passwords, which are typically valid for 30 to 60 seconds each. The authenticator app generates passwords using the same algorithm as the authentication server; as long as the clocks on the server and the authenticator app are in sync, the passwords will match and authenticate the user.

While both hard and soft tokens add an extra layer of security to the authentication process, soft tokens do so with a little more convenience to the user. Hard tokens are small devices you need to carry with you and are useless if you forget them, but soft tokens live on the smartphone you're already likely carrying. An authenticator app may also utilize the smartphone's biometric security features like fingerprint scans or facial recognition, adding another level of protection. Finally, if a smartphone with your soft token is lost or stolen, your administrator can revoke the existing key and replace it with a new one that you can add to a new device instead of waiting for a replacement hard token.

Updated June 27, 2023 by Brian P.

quizTest Your Knowledge

What does it mean when an application runs "sandboxed?"

A
It is prevented from accessing the Internet.
0%
B
It is isolated from system resources and other applications.
0%
C
Its source code can be modified while it is running.
0%
D
Its settings are automatically reset to default after the app quits.
0%
Correct! Incorrect!     View the Sandboxing definition.
More Quizzes →

The Tech Terms Computer Dictionary

The definition of Soft Token on this page is an original definition written by the TechTerms.com team. If you would like to reference this page or cite this definition, please use the green citation links above.

The goal of TechTerms.com is to explain computer terminology in a way that is easy to understand. We strive for simplicity and accuracy with every definition we publish. If you have feedback about this definition or would like to suggest a new technical term, please contact us.

Sign up for the free TechTerms Newsletter

How often would you like to receive an email?

You can unsubscribe or change your frequency setting at any time using the links available in each email.

Questions? Please contact us.