AuthPoint Hardware Token

Secure Authentication. No Smartphone Required.

Not every user carries a mobile device. Factory floors, secure facilities, and shared workstations need MFA too. AuthPoint hardware tokens generate a unique OTP every 30 seconds, managed from WatchGuard Cloud with the same zero trust policies as every AuthPoint method.

WatchGuard Identity Security dashboards

Multi-Factor Authentication for Every User, Every Environment

Secure OTP
Authentication

Reliable one-time passwords every 30 seconds. No mobile device, no app, no battery dependency. Ready out of the box.

Token Seeds Are Never Exposed

Created in an isolated network and transferred directly to the cloud. No human access, no export, no exposure.

Self-Service Token Provisioning

Users activate their own tokens through the AuthPoint IdP portal. No IT intervention. Faster onboarding.

Third-Party
Token Support

Supports any OATH TOTP-compliant token. Use WatchGuard tokens with protected seeds or bring your own hardware.

Works with Zero Trust Policies

Same risk-based policies as every AuthPoint method. Access controlled by device, location, time, and risk.

Compatible with Microsoft Entra ID

Hardware token OTP is supported for AuthPoint External MFA. Users without a smartphone can protect M365 and Azure.

Hardware Authentication That Fits Your Environment

Learn how AuthPoint hardware tokens provide MFA for users and environments where mobile devices are not available, not allowed, or not practical.

Woman in a high visibility vest working at several monitors with a red hardware token sitting on the desktop

AuthPoint hardware tokens are physical devices that generate a unique one-time password (OTP) every 30 seconds. They are an authentication method within AuthPoint MFA, managed from WatchGuard Cloud, and protected by the same zero trust policies that apply to all AuthPoint authentication methods.

Hardware tokens are the right choice for users who cannot carry a smartphone: factory and warehouse workers, healthcare staff in sterile environments, employees in secure facilities where phones are restricted, and shared workstation environments where a personal device is not practical.

Yes. Hardware token OTP is a supported authentication method for AuthPoint as an External MFA provider for Microsoft Entra ID. Users without a smartphone can still satisfy MFA requirements for Microsoft 365 and Azure services using a hardware token.

Tokens can be provisioned through WatchGuard Cloud. Users can also self-associate and activate their own tokens through the AuthPoint self-service portal without IT intervention. WatchGuard tokens arrive ready to use with minimal configuration.

Yes. AuthPoint supports any hardware token that complies with OATH TOTP standards. WatchGuard also designs and manufactures its own tokens with seed files that are never shared or exposed, providing an additional layer of supply chain security.
 

MFA Adoption at Scale with Hardware Tokens

Case Study
  • Deployed 700 AuthPoint licenses and 500 hardware tokens for 800 users across four airports
  • Achieved 90% MFA adoption in the first months with hardware tokens as the key adoption driver
  • Secured access to critical aviation systems and sensitive data in a government authority
  • Maximized user acceptance in environments where smartphones were not practical
Read the Case Study
More Resources