Password-only authentication can lead to security breaches, malware infections, and policy violations. With two-factor authentication, a password is used along with a security token and authentication server to provide far better security. Authorized employees can access company resources safely using a variety of devices, ranging from laptops to mobile phones. The FortiToken-300 is a USB device that is physically connected to the client computer to be used for client certificate-based authentication.