Infographic: Mapping the Path of Two-Factor Authentication


Two-Factor Authentication is Indispensable

Within the enterprise realm, two-factor authentication has become more than just an option — it’s now an indispensable asset. After all, with the number of threats crowding the cybersphere, it’s imperative for businesses to take every measure necessary to guard their identities and sensitive information. By implementing an additional authentication wall, a company takes a vital proactive step toward making the business infrastructure safe from a malicious intrusion. However, there is an important distinction to be made between the two types of authentication tokens organizations use, as illustrated by an Entrust informational graphic:

Hard Tokens

When a business only has a single authentication wall, it can be easy for that wall to be breached. All an outsider needs is a single password. But with the introduction of a second identity-guarding barrier, such an incursion becomes significantly harder because the second wall usually relies on some kind of device that only an authorized person could have access to. A hard token is literally this device: an object — one that’s usually small and can be attached to a keychain — built solely for generating one-time passcodes that only the possessor of the device will be able to read and input. In this way, a hard token is exactly like a cyber key — a device whose singular function is to unlock a virtual door.

Soft Tokens

If hard tokens are hardware, it follows that soft tokens are software. Because soft tokens are stored within software, they can be accessed from many different computing devices, and are therefore not just something you put on a keychain. In business scenarios, soft tokens are usually sent to mobile devices such as an employee’s smart phone, since this represents a device that in theory can only be accessed by the user for whom the one-time authentication code is intended. According to the Entrust infographic, mobile two-factor deployment now accounts for 20 percent of double-wall business authentication options out there. That said, a one-time token sent via a soft token generator can also be pushed to an employee’s computer.

In today’s business world, the question is not so much whether you’ll get two-factor authentication as what type you’ll go for. There are benefits to both forms — hard tokens are very simple to use, while soft tokens offer significant device flexibility — so the ultimate decisions boils down to what’s best for your business.


Entrust provides identity-based security solutions that empower enterprises, consumers, citizens and websites in more than 5,000 organizations spanning 85 countries. Entrust's identity-based approach offers the right balance between affordability, expertise and service. With more than 125 patents granted and pending, these world-class solutions include strong authentication, physical and logical access, credentialing, mobile security, fraud detection, digital certificates, SSL and PKI.


Add to the Conversation