What is a security device that generates a random number used for a second form of authentication?

A security token serves as a crucial element in multi-factor authentication systems. It generates a random number, often referred to as a one-time password (OTP), which is used alongside a primary method of authentication, such as a password. This method enhances security by ensuring that even if a password is compromised, unauthorized access is more difficult without the security token or its generated code.

Security tokens can come in various forms, including hardware devices, mobile apps, or even SMS messages that deliver the random number to the user. The randomness of the number helps prevent replay attacks, where an intercepted code could be reused by an attacker. Thus, the inclusion of a security token provides an effective layer of security, ensuring that only individuals with both the password and the token can gain access to secure systems or accounts.

In contrast, other options like a password generator are tools used to create strong passwords, but they do not typically provide a second form of authentication. Authentication keys may refer to cryptographic components used in various authentication protocols rather than generating random numbers for two-factor authentication. Biometric scanners verify a user's identity based on physical characteristics, but do not generate random numbers for authentication purposes.