RSA SecurID two-factor authentication is based on something you have
(an authenticator) and something you know (a PIN)
The SecurID desktop application requires a software-based security token. The token "seed" generates a new 6- or 8-digit random number (tokencode) at regular intervals, typically every 60 seconds. This tokencode is your one-time password (OTP). You enter OTP values, along with other security information, to verify your identity when you log on to a protected resource. You use a new OTP for each authentication.
To access a resource, you enter your user name and OTP. Typically, you must also enter a SecurID PIN. If your token does not require a PIN, you may need to enter only your user name. If the protected resource requests a PIN, and your token does not require one, you must enter 0000 (four zeros) in place of a PIN.