Call a Specialist Today! 020 3958 0662 Free Delivery! Free Delivery!

Fortinet FortiToken 200B Two-Factor Authentication
One Time Password Token for Strong Authentication


Click here to jump to more pricing!


Enable two-factor authentication with FortiToken Mobile (FTM) One-Time Password (OTP) Application with Push Notifications or a Hardware Time-Based OTP Token

Fortinet FortiToken Mobile (FTM) and hardware OTP Tokens are fully integrated with FortiClient, protected by FortiGuard, and leverage direct management and use within the FortiGate and FortiAuthenticator security platforms. Fortinet two-factor authentication solutions are easy to manage and easy to use.

Product Offerings:

FortiToken Mobile

FortiToken Mobile is an OATH compliant OTP generator application for the mobile device, supporting both time-based (TOTP) and event-based (HOTP) tokens.


FortiToken 200/200CD

FortiToken 200 is part of Fortinet’s broad and flexible two-factor authentication offering. It is an OATH compliant, TOTP. It is a small, keychain-sized device that offers real mobility and flexibility for the end user.

There is no client software to install. Simply press the button and the FortiToken 200 generates and displays a secure one-time password every 60 seconds. The password verifies user identity for access to critical networks and applications. The LCD big screen of the rugged FortiToken 200 is much easier to read than other OTP tokens. There is an indicator on the screen displaying the time left until the next OTP generation. FortiToken 200CD tokens are shipped with an encrypted activation CD for the ultimate in OTP token seed security.


FortiToken 220

The FortiToken 220 OTP token form factor is a mini credit card that fits into a wallet. The card is also shipped with a pre-cut hole for a keyring.



Convenient, Strong Authentication

FortiToken is the client component of Fortinet’s highly secure, simple to use and administer, and cost-effective two-factor solution for meeting strong authentication needs. This application makes Android, iOS, and Windows mobile devices behave like a hardware-based OTP token without the hassle of having to carry yet another device. Push notification shows details on the mobile device to approve or deny with one tap. Alternatively, hardware-based OTP tokens can be used to prevent users’ passwords from being stolen via phishing, dictionary, and brute-force attacks.

Ultra-Secure Token Provisioning

FortiToken Mobile is simple to use and administer and provision for the system administrator. The token seeds are generated dynamically, minimizing online exposure. Binding the token to the device is enforced and the seeds are always encrypted at rest and in motion.

Privacy and Control

FortiToken Mobile cannot change settings on a phone, take pictures or video, record or transmit audio, or read or send emails. Further, it cannot see browser history, and it requires permission to send notifications or to change any settings. Additionally, FortiToken Mobile cannot remotely wipe a phone. Any visibility FortiToken Mobile requires is to verify the OS version to determine app version compatibility.

While FortiToken Mobile cannot change any settings without permission, the following permissions are relevant to FortiToken Mobile operations:

  • Access to camera for scanning QR codes for easy token activation
  • TouchID/FaceID used for app security
  • Access to the internet for communication to activate tokens and receive push notifications
  • “Send Feedback by Email”, to automatically populate the “Sender” field
  • Internally share files between applications to prepare an attachment to be sent by email for “Send Feedback by Email”
  • FortiToken must keep the phone awake while it is upgrading the internal database to avoid data corruption

Leverages Existing Fortinet Platforms

Besides offering out-of-the-box interoperability with any time-based OATH compliant authentication server such as FortiAuthenticator, FortiToken can also be used directly with FortiGate Next-Generation Firewalls, including with high availability configurations.

FortiGate has an integrated authentication server for validating the OTP as the second authentication factor for SSL VPN, IPsec VPN, captive portal, and administrative login. This eliminates the need for the external RADIUS server that is typically required when implementing two-factor solutions.

Online Activation with FortiGuard®

FortiToken tokens can be activated online directly from FortiGate or FortiAuthenticator using the FortiGuard Center. This maintains token seeds in a managed service repository. Once the seeds are activated, they can no longer be accessed from FortiGuard, ensuring they are safe from compromise. Alternatively, Fortinet offers an encrypted activation CD solution.

Main Features:

FortiToken Hardware Devices

  • Integrated with FortiClient and protected by FortiGuard
  • OATH TOTP compliant
  • Large, easy-to-read, LCD display
  • Long-life lithium battery
  • Tamper-resistant/tamper-evident packaging

FortiToken Mobile

  • OATH time- and event-based OTP generator
  • Login details pushed to phone for one-tap approval
  • Patented cross platform token transfer
  • PIN/Fingerprint protected application
  • Copy OTP to the clipboard
  • OTP time-interval display
  • Serial number display
  • Token and app management
  • Self-erase brute-force protection
  • Apple watch compatibility

Supported Platforms:

FortiToken Hardware Devices

  • FortiOS 4.3 and up
  • FortiAuthenticator — all versions

FortiToken Mobile

  • iOS (iPhone, iPod Touch, iPad), Android, Windows Phone 8, 8.1, Windows 10, and Windows Universal Platform
  • WiFi-only devices supported (for over-the-air token activation)


  • Unique token provisioning service via FortiGuard; minimizes provisioning overhead and ensures maximum seed security
  • Perpetual token license and unlimited device transfers eliminate annual subscription fees
  • Scalable solution leveraging existing end-user devices offers low entry cost and TCO
  • Reduces costs and complexity by using an existing FortiGate as the two-factor authentication server
  • Zero footprint solution





Onboard Security Algorithm



OTP Spec

60 seconds, SHA-1

60 seconds, SHA-1


6-digit high contrast LCD display

Built-in button, 6-character LCD screen, Globally unique serial number

Dimensions (Length x Width x Height)

61.5 x 27.5 x 11.5mm

68 x 38 x 1 mm

Hardware Certification

RoHS Compliant


Operating Temperature

14–122°F (-10–50°C)

32–122°F (0–50°C)

Storage Temperature

-4–158°F (-20–70°C)

14–140°F (-10–60°C)


IP54 (Ingress Protection)

IP54 (Ingress Protection)


Hard Molded Plastic (ABS) Tamper-Evident

Hard Molded Plastic (ABS) Tamper-Evident

Secure Storage Medium

Static RAM

Static RAM

Battery Type

Standard Lithium Battery

Standard Lithium Battery

Battery Lifetime

3–5 Years

3–5 Years

Customization Available*

Casing Color, Company Logo, Faceplate Branding

Casing Color, Company Logo, Faceplate Branding

* Customizations are quantity-based


Download the Fortinet FortiToken Datasheet (PDF).

Download theOrdering Guide (PDF).

Pricing Notes: