These measures are to ensure that only authorized users are able to perform actions or access information in a network or a workstation.
The most popular type of security token (RSA SecurID) displays a number which changes every minute.
Another similar type of token (Cryptogram) can produce a value each time a button is pressed.
Other security tokens can connect directly to the computer through USB, Smart card or Bluetooth ports, or through special purpose interfaces.
Depending on the restrictions of the system or network, the user may change his/her password to any alphanumeric sequence.
This is done by using the password as the encryption key to transmit a randomly generated piece of information, or “the challenge.” The other side must then return a similarly encrypted value which is some predetermined function of the originally offered information, his/her "response", which proves that he/she was able to decrypt the challenge.
Guest and superuser accounts are the two extremes, as individual access rights can be denied or granted to each user.