≡  GET DEMO  ≡  GET QUOTE  ≡  FREE TRIAL  ≡  LIVE CHAT  ≡  CALL BACK  ≡  CALL US  ≡
Deepnet Security Logo
OATH hardware tokens for Office 365 Azure MFA

If your organisation is using Office 365 cloud service and/or Azure ID (Entra ID) enabled with multi-factor authentication (MFA), and your users do not want to use or cannot use the mobile apps (such as the Microsoft Authenticator app) or SMS code, then you can use OATH TOTP hardware token as the alternative authentication device.

Deepnet SafeID hardware tokens are officially recommended by Microsoft for the Azure ID (Entra ID) customers and Office 365 users. Millions of users world-wide are using Deepnet SafeID hardware tokens as a multi-factor authentication device.

There are 2 types of OATH hardware tokens, pre-programmed and programmable tokens, and there are 2 types of Azure AD/Entra ID licenses, premium and basic. You have to select the right type of hardware token according to the type of Azure AD/Entra ID license that you have. For technical information in details on how SafeID hardware tokens work with Azure ID/Entra ID and Office 365, click here for details.

Entra ID/Azure AD Premium (P1 & P2)

If you have Entra ID/Azure AD Premium (P1 or P2) license with your Office 365 subscription (if you are not sure, then click here to find out) , then you can use one of the pre-programmed SafeID hardware tokens below. With the pre-programmed token, you can quickly enroll and deploy tokens to your entire user base without involving your users at all.

How it works
Every one-time password (OTP) token generates different and unique numbers, that is because every token is programmed with a unique piece of code called secret or seed. Pre-programmed tokens are programmed at factory, and cannot be re-programmed. Pre-programmed tokens come with a token file that contains the secrets of all of tokens. The customer's system administrator will upload the tokken file onto their service account, such as Azure AD account, and assign tokens to their users. Once a token is assigned to a user, it is ready to be used by the user without further actions.

SafeID/Classic


SafeID/Classic has a long history in the OTP token industry. It is very popular, reliable and robust. Its classic & elegant design will never go out fashion. SafeID/Classic is OATH/TOTP compliant.

Technical Specification
Compare ➽

SafeID/Enterprise


SafeID/Enterprise is a newly designed OTP token that aims to be the all-round best OTP token. It is small, lightweight, portable and rugged. SafeID/Enterprise is OATH/TOTP compliant.

Technical Specification
Compare ➽

SafeID/Mini


Measured at only 44 x 19 x 6.5 mm, SafeID/Mini is one of the smallest one-time password tokens in the world. It is time-based, OATH/TOTP compliant.
(touch button on the back)

Technical Specification
Compare ➽

SafeID/Anytime


SafeID/Anytime is a button-less OTP token that displays one-time password on the screen at all times. It is time-based, OATH/TOTP compliant.
(no button, always on)

Technical Specification
Compare ➽

SafeID/Classic Card


SafeID/Classic card is a time-based, OATH/TOTP compliant one-time password card. It is in the same size as a credit card, therefore can be safely kept in a wallet or a pocket.

Technical Specification
Compare ➽

SafeID/Audio


Designed for vision impaired people, SafeID/Audio speaks out the one-time password as it is displayed on the LCD screen. It is time-based, OATH/TOTP compliant.

Technical Specification
Compare ➽

Entra ID/Azure AD Basic (Free)

If you do not have Entra ID/Azure AD Premium license, then your users can use the programmable hardware tokens below to replace the Microsoft Authenticator app.

How it Works
Every one-time password (OTP) token generates different and unique numbers, that is because every token contains a unique piece of code called secret or seed. Azure MFA for Office 365 generates the user’s secret and provides it as a QR code. Using a programming tool, the user’s secret can be programmed into a programmable hardware token by scanning the QR code. This process is exactly the same as that the user’s secret is installed into the Microsoft Authenticator or Google Authenticator app.

You can program hardware tokens using a Windows PC or laptop with a NFC Smart Card Reader, Android phone with NFC function, or iPhone with NFC function. Once a hardware token is programmed, it works on its own. It doesn't connect to your phone or the internet in order to generate one-time passwords.

SafeID/Pro


SafeID/Pro is a programmable OATH/TOTP compliant security token. It is small, lightweight, portable and rugged. It is newly designed to be the all-round best OTP key fob token.

Technical Specification
Compare ➽

SafeID/Diamond


SafeID/Diamond is a programmable OTP token that can be used to replace soft token such as Microsoft Authenticator or Google Authenticator. It is time-based, OATH/TOTP compliant.

Technical Specification
Compare ➽

SafeID/PinPad (Pro)


SafeID/PinPad (Pro) is a multi-profile TOTP token that can be programmed to support up to 10 accounts. The device can also be optionally protected by a user PIN.

Technical Specification
Compare ➽

SafeID/QR


SafeID/QR displays the OTP code as a number as well as a QR code on its LCD screen. It can be directly programmed via USB connection. SafeID/QR hosts one account only per device.

Technical Specification
Compare ➽

SafeID/QR (Pro)


SafeID/QR (Pro) can host 100 accounts in the device. It can be directly programmed via USB connection. It displays OTP codes as a numbers as well as QR codes on its LCD screen.

Technical Specification
Compare ➽

SafeID/Diamond Card


SafeID/Diamond card is a programmable TOTP token, like the other SafeID tokens. It is in the same size of a credit card, making it very portable.

Technical Specification
Compare ➽

SafeID/Diamond Card (Mini)


SafeID/Diamond Card (Mini) is the mini version of the SafeID/Diamond Card. It is about 2/3 of the size of a credit card (but slightly thicker).


Technical Specification
Compare ➽

Technical Specification - SafeID/Classic


Security Algorithm:
Passcode Length:
Time Interval:
Size:
Weight:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:


OATH/TOTP
6 Digits
60 or 30 Seconds
61 x 28 x 12 (mm)
14 grams
5 - 7 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs

Technical Specification - SafeID/Enterprise


Security Algorithm:
Passcode Length:
Time Interval:
Size:
Weight:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:


OATH/TOTP
6 Digits
30 Seconds
50 x 25 x 10 (mm)
14 grams
5 - 7 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs

Technical Specification - SafeID/Mini


Security Algorithm:
Passcode Length:
Time Interval:
Size:
Weight:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:


OATH/TOTP
6 Digits
60 Seconds
44 x 19 x 6.5 (mm)
11 grams
5 - 7 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs

Technical Specification - SafeID/Anytime


Security Algorithm:
Passcode Length:
Time Interval:
Size:
Weight:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:


OATH/TOTP
6 Digits
60 Seconds
46.50 x 24.90 x 9.50 (mm)
14 grams
4 - 6 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs

Technical Specification - SafeID/Classic Card


Security Algorithm:
Passcode Length:
Time Interval:
Size:
Battery Life:


OATH/TOTP
6 Digits
60 Seconds
95.60 × 53.98 × 1.0 (mm)
4 - 5 Years

Technical Specification - SafeID/Audio


Security Algorithm:
Passcode Length:
Time Interval:
Size:
Weight:
Battery Life:
Operating Temperature:
Compliance:


OATH/TOTP
6 Digits
60 Seconds
42 x 42 x 18.40 (mm)
22 grams
3 - 5 Years
0°C - 50°C
CE, FCC, Rohs

Technical Specification - SafeID/Pro


Security Algorithm:
Passcode Length:
Size:
Weight:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:


OATH/TOTP
6 Digits
50 x 25 x 10 (mm)
14 grams
5 - 7 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs

Technical Specification - SafeID/Diamond


Security Algorithm:
Passcode Length:
Size:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:
Programming Interface:
Programming Device:


OATH/TOTP
6 Digits
49.8 x 26 x 8.25 (mm)
4 - 6 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs
NFC
Windows PC, Android and iPhone

Technical Specification - SafeID/PinPad (Pro)


Security Algorithm:
Passcode Length:
Size:
Weight:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:


OATH/TOTP
6/8 Digits
70 x 45 x 4 (mm)
20 grams
5 - 7 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs

Technical Specification - SafeID/QR


Security Algorithm:
Passcode Length:
Size:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:
Programming Interface:
Programming Device:


OATH/TOTP
6 Digits
74 x 53 x 12.90 (mm)
5 - 7 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs
USB
Windows PC

Technical Specification - SafeID/QR (Pro)


Security Algorithm:
Passcode Length:
Size:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:
Programming Interface:
Programming Device:


OATH/TOTP
6 Digits
74 x 53 x 12.90 (mm)
5 - 7 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs
USB
Windows PC

Technical Specification - SafeID/Diamond Card


Security Algorithm:
Passcode Length:
Size:
Battery Life:
Programming Interface:
Programming Device:


OATH/TOTP
6 Digits
95.60 × 53.98 × 1.0 (mm)
4 - 5 Years
NFC
Windows PC, Android and iPhone

Technical Specification - SafeID/Diamond Card (Mini)


Security Algorithm:
Passcode Length:
Size:
Battery Life:
Programming Interface:
Programming Device:


OATH/TOTP, SHA1/SHA256
6 Digits
64 × 38 × 1.0 (mm)
3 - 5 Years
NFC
Windows PC, Android and iPhone