VPN token definition
A VPN token is a one-time password (OTP) generated by a security device for accessing a VPN. It confirms that a device is authorized to connect to the VPN network. VPN tokens add a layer of authentication to the login process, making it harder for attackers to gain unauthorized access to a network.
See also: Security token, Two-factor authentication
VPN token types
VPN tokens are available in both hardware and software formats, and they use a variety of authentication methods to generate OTPs:
- Hardware tokens: small portable physical devices that generate one-time passwords.
- Software tokens: apps that run on a user's smartphone or laptop and generate one-time passwords. Software tokens are often more convenient than hardware tokens because users do not need to carry a separate device with them.
- SMS tokens: one-time passwords that are sent to a user's mobile phone as a text message. SMS tokens are often used as a backup option when other types of tokens are not available.
- Smart cards: credit-card-sized devices that contain a microprocessor and a digital certificate or an encryption key, used to authenticate a user's identity.
- Biometric tokens: tokens that use biometric information, like fingerprints or facial recognition, to authenticate a user. Biometric tokens are often used in combination with other types of tokens for added security.
How do VPN tokens work?
VPN tokens add an extra step to the login process by generating a one-time password, or OTP. First, the user requests access to the VPN. The token then creates a temporary code, which the user enters along with their usual login credentials. The VPN server checks both the credentials and the code. If everything matches, access is granted.
VPN tokens usually rely on one of two OTP methods: TOTP, time-based codes that are valid for 30 seconds, and HOTP, event-based codes that change each time a new code is generated.
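The two OTP methods and the server-side check described above, as an added example that is not part of the original page. It follows the published HOTP (RFC 4226) and TOTP (RFC 6238) algorithms; the TokenVerifier class, its look-ahead and drift defaults, and the sample secret (the RFC test-vector key) are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

def _same(a: str, b: str) -> bool:
    return hmac.compare_digest(a.encode(), b.encode())  # constant-time compare

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP (RFC 4226): HMAC-SHA1 over an 8-byte big-endian counter, then truncate."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble of the last byte
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """TOTP (RFC 6238): HOTP whose counter is the number of elapsed time steps."""
    return hotp(secret, unix_time // step, digits)

class TokenVerifier:
    """Server-side state for one user's token (hypothetical class, for illustration)."""

    def __init__(self, secret: bytes, hotp_counter: int = 0):
        self.secret = secret
        self.hotp_counter = hotp_counter  # next counter value the server expects
        self.last_totp_step = -1          # newest time step already accepted

    def verify_hotp(self, code: str, look_ahead: int = 3) -> bool:
        # The user may have generated codes without logging in, so search a small
        # look-ahead window, then move past the match so the code cannot be reused.
        for c in range(self.hotp_counter, self.hotp_counter + look_ahead + 1):
            if _same(hotp(self.secret, c), code):
                self.hotp_counter = c + 1
                return True
        return False

    def verify_totp(self, code: str, now: int, step: int = 30, drift: int = 1) -> bool:
        # Tolerate +/- `drift` steps of clock skew, but never accept the same step
        # twice, so a code seen in transit cannot be replayed inside its window.
        current = now // step
        for s in range(current - drift, current + drift + 1):
            if s > self.last_totp_step and _same(hotp(self.secret, s), code):
                self.last_totp_step = s
                return True
        return False

# Constructed sample input: the shared secret from the RFC 4226 / RFC 6238 test vectors.
SECRET = b"12345678901234567890"
```

Widening `look_ahead` or `drift` makes logins more forgiving but enlarges the set of codes the server will accept at any moment, so both are best kept small and paired with attempt rate limiting.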
Benefits of using VPN tokens
- Stronger access control. VPN tokens add another layer of verification beyond just a password.
- Protection against credential theft. Stolen passwords are less useful without the token code.
- Compliance with security policies. They help meet multi-factor authentication and access control requirements for companies.
- Works with existing VPN infrastructure. They can usually be added without replacing the VPN itself.