PURPOSE Phones, hardware tokens, and security keys used for authentication should be protected like keys to important systems. KEEP THEM SECURE Do not leave authentication devices unattended or lend them casually. USE DEVICE LOCKS Protect phones and tablets with passcodes or biometrics. REPORT LOSS QUICKLY Lost authentication devices should be reported immediately. BACKUP Maintain approved backup recovery methods when possible.