Computer networks, such as those available at a workplace, university, or other organization, are often configured to provide remote access to users through virtual private networks (VPNs), customized network settings, and/or other technologies. Users must typically authenticate to remote networks before being granted access. Authentication may involve users providing various authentication factors, such as user IDs, passwords, token codes, and personal identification numbers (PINs). In a typical scenario, a user submits an authentication request containing one or more authentication factors to an authentication server. The authentication server receives the request and either grants or denies network access to the user based on whether the submitted authentication factors match expected values.
A common authentication scheme involves the use of token codes. Token codes, also known as one-time passwords, or “OTPs,” are generated automatically, such as by portable devices (i.e., “hard tokens”), which may be distributed to users. An example of a hard token is the SecureID® token code generator, which is available from RSA Security Inc., of Bedford, Mass. Recently, software has been developed to perform the functions of hard tokens on smart mobile devices, such as smart phones, PDAs, and tablets. Like hard tokens, these “soft tokens” generate token codes at regular intervals. Token codes generated by a soft token are displayed on a display screen of a user's smart mobile device. A user may read a token code and enter the token code manually into a login screen presented on the user's computer. The user's computer then forwards the token code, along with any additional authentication information, to the authentication server, which either grants or denies access to the user.
Occasionally, users of soft tokens wish to make copies of their softs token for use on different mobile devices. To address this need, an approach has been developed for allowing users to copy, or “clone,” their soft tokens from one mobile device to another.