user should be able to protect their tokens by activating authentication via code or biometric
user should be able to protect their tokens by activating authentication via code or biometric