Which statement is true regarding hardware and software tokens?
Software tokens should be used for testing purposes only. Real end-users should use hardware tokens.
Software tokens are a cheaper alternative to hardware tokens
Software tokens are less secure and have been superseded by hardware tokens
Hardware tokens are a cheaper alternative to software tokens
Correct Incorrect Unanswered
Answer Description
Both Hardware Tokens and Software Tokens provide "something you have" factor authentication. Common hardware tokens are smartcards, USB sticks or one-time-use password generators. Software tokens are generally apps that generate a temporary password. Software tokens are considered a cheaper alternative to hardware tokens, as issuing a hardware token to a large number of users has a high cost. Arguably hardware tokens are more secure, but are less practical and more costly.
Wikipedia
A software token (a.k.a. soft token) is a piece of a two-factor authentication security device that may be used to authorize the use of computer services. Software tokens are stored on a general-purpose electronic device such as a desktop computer, laptop, PDA, or mobile phone and can be duplicated. (Contrast hardware tokens, where the credentials are stored on a dedicated hardware device and therefore cannot be duplicated — absent physical invasion of the device)
Because software tokens are something one does not physically possess, they are exposed to unique threats based on duplication of the underlying cryptographic material - for example, computer viruses and software attacks. Both hardware and software tokens are vulnerable to bot-based man-in-the-middle attacks, or to simple phishing attacks in which the one-time password provided by the token is solicited, and then supplied to the genuine website in a timely manner. Software tokens do have benefits: there is no physical token to carry, they do not contain batteries that will run out, and they are cheaper than hardware tokens.
Software_token - Wikipedia, the free encyclopedia Subscribe to avoid duplicate questions and track your progress over time
CompTIA A+
CompTIA Network+
CompTIA Security+
CompTIA CySA+
CompTIA Linux+
CompTIA PenTest+
CompTIA Cloud+
CompTIA ITF+
AWS Cloud Practitioner
Microsoft Azure Fundamentals