Hard Token
A hard token, or hardware token, is a piece of hardware that authenticates a user in a multi-factor authentication system. Hard tokens can take several forms, including small USB tokens, smart cards, or dedicated password-generating fobs. Hard tokens often work alongside other authentication methods like a username and password, but some systems may use them as the only necessary authentication method.
Hard tokens come in several different forms. The most common type of hard token is a disconnected token, also known as an OTP token. These tokens do not plug into a computer to provide authentication but instead have a small screen that displays a one-time-use passcode when you click a button on the device. You can use this passcode as part of an MFA system, similar to a soft token authentication app.
Another common form of hard token is a connected token, which plugs into a computer's USB port and can authenticate a user using one of several methods. Some USB tokens can insert a cryptographically-generated passcode whenever you press a button on the device and work without extra drivers or software. Others use a combination of private and public encryption keys to answer a cryptographic challenge issued during the login process. These tokens require compatible software (now built into most operating systems and web browsers) and the support of the service you're logging into.
![Several YubiKey USB tokens in multiple sizes and form factors](https://techterms.com/img/xl/hard_token_613.png)
Hard tokens are also often used to increase security when logging into a local computer system. Smart keycards can act as hard tokens; some require physical contact by placing a chip in a reader, and others use RFID chips to authenticate through proximity. Some specialized systems use wireless fobs that contain NFC or Bluetooth LE radios that can unlock a computer when the user is nearby and lock it again once they walk away.