≡  GET DEMO  ≡  GET QUOTE  ≡  FREE TRIAL  ≡  LIVE CHAT  ≡  CALL BACK  ≡  CALL US  ≡
Deepnet Security Logo
OATH hardware tokens for Office 365 Azure MFA

If your organisation is using on-premises Azure MFA server or the Office 365 cloud service enabled with multi-factor authentication with Azure MFA, and your users do not want to use or cannot use the Microsoft Authenticator app or SMS code, then you can use OATH hardware token as the alternative authentication device.

Deepnet SafeID has always been the No.1 hardware token officially recommended by Microsoft for the Azure MFA customers and Office 365 users. Millions of users world-wide are using Deepnet SafeID hardware tokens as a multi-factor authentication device.

There are 2 types of OATH hardware tokens, pre-programmed and programmable tokens, and there are 2 types of Azure AD licenses, premium and basic. You have to select the right type of hardware token according to the type of Azure AD license that you have. For technical information in details on how SafeID hardware tokens work with Azure MFA and Office 365, click here for details.

Azure AD Premium (P1 & P2)

If you have Azure AD Premium (P1 or P2) license with your Office 365 subscription (if you are not sure, then click here to find out) , then you can use one of the pre-programmed SafeID hardware tokens below. With the pre-programmed token, you can quickly enroll and deploy tokens to your entire user base without involving your users at all.

How it works
Every one-time password (OTP) token generates different and unique numbers, that is because every token is programmed with a unique piece of code called secret or seed. Pre-programmed tokens are programmed at factory, and cannot be re-programmed. Pre-programmed tokens come with a token file that contains the secrets of all of tokens. The customer's system administrator will upload the tokken file onto their service account, such as Azure AD account, and assign tokens to their users. Once a token is assigned to a user, it is ready to be used by the user without further actions.

SafeID/Classic


SafeID/Classic is a time-based, OATH/TOTP compliant one-time password token. Its classic & elegant design will never go out fashion.
(touch button on the front)

Technical Specification
Compare ➽

SafeID/Mini


Measured at only 44 x 19 x 6.5 mm, SafeID/Mini is one of the smallest one-time password tokens in the world. It is time-based, OATH/TOTP compliant.
(touch button on the back)

Technical Specification
Compare ➽

SafeID/Anytime


SafeID/Anytime is a button-less OTP token that displays one-time password on the screen at all times. It is time-based, OATH/TOTP compliant.
(no button, always on)

Technical Specification
Compare ➽

SafeID Card/Classic


SafeID Card/Classic is a time-based, OATH/TOTP compliant one-time password card. Its classic & elegant design will never go out fashion.
(touch button on the front)

Technical Specification

SafeID/Pinpad


SafeID/PinPad is a time-based, OATH/TOTP compliant one-time password token. It is PIN protected and features a 12-button mini keypad.


Technical Specification
Compare ➽

SafeID/Audio


Designed for vision impaired people, SafeID/Audio speaks out the one-time password as it is displayed on the LCD screen. It is time-based, OATH/TOTP compliant.

Technical Specification
Compare ➽

Azure AD Basic (Free)

If you do not have Azure AD Premium license, then your users can use the programmable hardware tokens below to replace the Microsoft Authenticator app.

How it Works
Every one-time password (OTP) token generates different and unique numbers, that is because every token contains a unique piece of code called secret or seed. Azure MFA for Office 365 generates the user’s secret and provides it as a QR code. Using a programming tool, the user’s secret can be programmed into a programmable hardware token by scanning the QR code. This process is exactly the same as that the user’s secret is installed into the Microsoft Authenticator or Google Authenticator app.

You can program hardware tokens using a Windows PC or laptop with a NFC Smart Card Reader, Android phone with NFC function, or iPhone with NFC function. Once a hardware token is programmed, it works on its own. It doesn't connect to your phone or the internet in order to generate one-time passwords.

SafeID/Diamond


SafeID/Diamond is a programmable OTP token that can be used to replace soft token such as Microsoft Authenticator or Google Authenticator. It is time-based, OATH/TOTP compliant.


Technical Specification

SafeID Card/Diamond


SafeID Card/Diamond is a programmable OTP card that can be used to replace soft token such as Microsoft Authenticator or Google Authenticator. It is time-based, OATH/TOTP compliant.

Technical Specification

SafeID Mini Card/Diamond


SafeID/Diamond Mini Card is a programmable OTP card that can be used to replace soft token such as Microsoft Authenticator or Google Authenticator. It is time-based, OATH/TOTP compliant.

Technical Specification

SafeID/QR


SafeID/QR can be easily programmed via USB connection. It displays the OTP code as a number as well as a QR code on its LCD screen

Technical Specification

Technical Specification - SafeID/Classic


Security Algorithm:
Passcode Length:
Size:
Weight:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:


OATH/TOTP
6 Digits
61 x 28 x 12 (mm)
14 grams
5 - 7 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs

Technical Specification - SafeID/Mini


Security Algorithm:
Passcode Length:
Size:
Weight:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:


OATH/TOTP
6 Digits
44 x 19 x 6.5 (mm)
11 grams
5 - 7 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs

Technical Specification - SafeID/Anytime


Security Algorithm:
Passcode Length:
Size:
Weight:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:


OATH/TOTP
6 Digits
46.50 x 24.90 x 9.50 (mm)
14 grams
4 - 6 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs

Technical Specification - SafeID Card/Classic


Security Algorithm:
Passcode Length:
Size:
Battery Life:


OATH/TOTP
6 Digits
95.60 × 53.98 × 1.0 (mm)
4 - 5 Years

Technical Specification - SafeID/PinPad


Security Algorithm:
Passcode Length:
Size:
Weight:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:


OATH/TOTP, ORCA
6-8 Digits
80.70 x 33.00 x 9.0 (mm)
21 grams
5 - 7 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs

Technical Specification - SafeID/Audio


Security Algorithm:
Passcode Length:
Size:
Weight:
Battery Life:
Operating Temperature:
Compliance:


OATH/TOTP, ORCA
6 Digits
42 x 42 x 18.40 (mm)
22 grams
3 - 5 Years
0°C - 50°C
CE, FCC, Rohs

Technical Specification - SafeID/Diamond


Security Algorithm:
Passcode Length:
Size:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:
Programming Interface:
Programming Device:


OATH/TOTP
6 Digits
49.8 x 26 x 8.25 (mm)
4 - 6 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs
NFC
Windows PC, Android and iPhone

Technical Specification - SafeID Card/Diamond


Security Algorithm:
Passcode Length:
Size:
Battery Life:
Programming Interface:
Programming Device:


OATH/TOTP
6 Digits
95.60 × 53.98 × 1.0 (mm)
4 - 5 Years
NFC
Windows PC, Android and iPhone

Technical Specification - SafeID Mini Card/Diamond


Security Algorithm:
Passcode Length:
Size:
Battery Life:
Programming Interface:
Programming Device:


OATH/TOTP, SHA1/SHA256
6 Digits
64 × 38 × 1.0 (mm)
3 - 5 Years
NFC
Windows PC, Android and iPhone

Technical Specification - SafeID/QR


Security Algorithm:
Passcode Length:
Size:
Battery Life:
Waterproof:
Tamper-Proof:
Operating Temperature:
Compliance:
Programming Interface:
Programming Device:


OATH/TOTP
6 Digits
74 x 53 x 12.90 (mm)
5 - 7 Years
IP67
Yes
0°C - 50°C
CE, FCC, Rohs
USB
Windows PC