Controlling access to computer resources is a frequent concern of network administrators. Access control systems should be reliable and should be easy for users to use. For a particular access control system, such as a multi-factor authentication system, a user may be required to provide an authentication token to gain access to resources of a computer system. Since the user may move from one computer to another, the authentication token may transfer malicious code from one computer to another if the malicious code is inadvertently uploaded to the authentication token.