Software Tokens

Owned by Mark Poidomani
Last updated: Sept 10, 2020 by Odin Soli
3 min read

SurePassID Authentication Server provides complete support for SurePassId Authenticator, Google Authenticator, and other mobile OTP authenticators.   Although the following information is for Google Authenticator setup, other authenticators such as SurePass Authenticator work in the same manner. 

SurePassID Authenticator

What is SurePassID Authenticator?

SurePassID Authenticator is a mobile application that simulates a One Time Password hardware device, also called a “software token” or "soft token".  The SurePassID Authenticator offers the following advantages over traditional hardware tokens:

  • SurePassID Authenticator tokens can be created instantaneously and electronically distributed to your users. Conversely, traditional hardware devices must be sent to individual users.
  • SurePassID Authenticator tokens are software based and as such they are inherently less costly than traditional hardware devices.  Perfect for budget constrained companies.
  • Thousands of SurePassID Authenticator tokens can be rolled out in a matter of hours.  Hardware devices can often require a set of operational procedures for the distribution of physical corporate assets.
  • The SurePassID Authenticator supports event based (HOTP), time based OTP (TOTP) with a any number of digits between 3 and 10 and any time between windows from 30 seconds to 24 hours.
  • SurePassID tokens can imported into SurePassID Authenticator with a single click by the user on their mobile. The SurePassID Authenticator is free!

SurePassID Authenticator Set-Up

Using SurePassID Authenticator involves the following steps:

  1. Adding the SurePassID Authenticator to the user’s SurePass account. This can be done manually per user or importing unlimited users.
  2. Installing (downloading) the SurePassID Authenticator application on the user’s mobile device.
  3. Activating the SurePassID Authenticator token on the user’s mobile device
  4. Verifying the SurePassID Authenticator token is setup correctly
  5. Users can manage their manage their SurePassID Authenticator tokens using the ServicePass Self-Service Portal where users can, remove, activate and enable, and manage all of their tokens.

The step-by-step user instructions for SurePassID Authenticator can be found here.

Google Authenticator

What is Google Authenticator?

Google Authenticator is a mobile application that simulates a One Time Password hardware device, also called a “software token” or "soft token".  The Google Authenticator offers the following advantages over traditional hardware tokens:

  • Google Authenticator devices can be created instantaneously and electronically distributed to your users. Conversely, traditional hardware devices must be sent to individual users.
  • Google Authenticator devices are software and as such they are inherently less costly than traditional hardware devices.  Perfect for budget constrained companies.
  • Thousands of Google Authenticator devices can be rolled out in a matter of hours.  Hardware devices can often require a set of operational procedures for the distribution of physical corporate assets.
  • The Google Authenticator only supports time based OTP (TOTP) with a 30 second time window.
  • Users can manage their manage their SurePassID Authenticator tokens using the ServicePass Self-Service Portal where users can, remove, activate and enable, and manage all of their tokens.
  • The Google Authenticator is free!

Google Authenticator Set-Up

Using Google Authenticator involves the following steps:

  1. Adding the Google Authenticator to the user’s SurePassID account. This can be done manually per user or importing unlimited users.
  2. Installing (downloading) the Google Authenticator application on the user’s mobile device.
  3. Activating the SurePassID Google Authenticator on the user’s mobile device
  4. Verifying the Google Authenticator is setup correctly

The step-by-step user instructions can be found here.

Desktop Authenticator

What is Desktop Authenticator?

Desktop Authenticator  is a windows desktop application that contains any number of a One Time Password tokens, also called  “software tokens” or "soft token".  SurePassID Desktop Authenticator is an easy, cost-effective way to use any desktop or laptop computer for Two-Factor Authentication (2FA) and support a variety of authentication scenarios. The Desktop Authenticator offers the following advantages over traditional hardware tokens:

  • Virtual tokens can be created instantaneously and electronically distributed to your users. Conversely, traditional hardware devices must be sent to individual users.
  • Desktop Authenticator is a windows software app and is fee.  Perfect for budget constrained companies.
  • Desktop Authenticator enables thousands of users to be 2FA compliant in a matter of hours.  Hardware devices can often require a set of operational procedures for the distribution of physical corporate assets.
  • Perfect for initial development testing, system testing and final QA testing because it is convenient to use.
  • Supports all Oath OTP formats, multiple tokens, and can be provisioned by users over-the-air.
  • User without mobile devices can still use 2FA for authentication in certain situations.
  • Users can manage their manage their Desktop Authenticator tokens using the ServicePass Self-Service Portal. Users can, remove, activate and enable, and manage all of their tokens.
  • The Desktop Authenticator is free!


The step-by-step user instructions can be found here.