A software token refer to
|“||the use of secrets stored on a computer and employed in conjunction with an authentication protocol.||”|
"Software tokens are not as secure as hardware storage tokens, since the secrets used by the software are held in files in a computer on a long-term basis. At best, these secrets typically are protected by a password. Thus, any attack against the computer that compromises these files allows an attacker to retrieve the stored secrets through password-guessing attacks."