Hardware Token
What is Hardware Token?
Hardware TokenPhysical device that stores cryptographic secrets and performs authentication operations, used as a possession factor in multi-factor authentication.
A hardware token is a tamper-resistant physical device that generates or holds credentials used to prove identity. Examples include FIDO2 security keys (YubiKey, Titan Key, SoloKey), OATH TOTP/HOTP fobs (RSA SecurID), PIV/CAC smartcards, and chip-based EMV payment cards. Hardware tokens are stronger than passwords and TOTP apps because the private key never leaves the device, the device is bound to a physical user, and modern FIDO2 keys bind authentication to the origin to defeat phishing. Risks include loss, theft, supply-chain compromise, and side-channel attacks on poorly designed devices; lifecycle and revocation processes are essential.
● Examples
- 01
Issuing FIDO2 hardware tokens to all administrators to meet phishing-resistant MFA requirements.
- 02
Using a PIV smartcard plus PIN for federal-government login per HSPD-12 and NIST 800-157.
● Frequently asked questions
What is Hardware Token?
Physical device that stores cryptographic secrets and performs authentication operations, used as a possession factor in multi-factor authentication. It belongs to the Cryptography category of cybersecurity.
What does Hardware Token mean?
Physical device that stores cryptographic secrets and performs authentication operations, used as a possession factor in multi-factor authentication.
How do you defend against Hardware Token?
Defences for Hardware Token typically combine technical controls and operational practices, as detailed in the full definition above.