A portable mass storage device for use in two factor authentication systems and methods. A secure portable mass storage device protects content from being freely copied with security mechanisms and firmware. The security functionality also protects confidential user credentials and passwords, as well as algorithms and seeds needed for two factor authentication or asymmetric authentication methods. A client application residing in the mass storage device acts as both a password manager and an authentication manager that seamlessly performs the authentication procedures in the background while signing a user into various institutions of his choosing. A very high level of security is integrated into a mass storage device the user has for purposes other than two factor authentication, and the convenience of highly secure password management also comes in a convenient pocket sized package easy for the user to transport. This facilitates the acceptance of two factor authentication, and increases security for a wide variety of online transactions.