Can users have multiple phones with the same mobile authenticator token?

SurePassID allows users to share hard tokens between their accounts because there is just one physical token. Mobile authenticator tokens are not shareable.

Why? This is because a user can have many mobile tokens assigned to their account (one for each phone). When configured this way, if one phone is lost or compromised then the token on that phone can be removed without disabling the user's other phone(s).

IMPORTANT NOTE FOR OFFLINE 2FA LOGIN: This becomes problematic when the user is logging into Windows domains/accounts in offline mode, which requires the user's account to have a single event-based token (OATH HOTP). By default, this will be on one phone. It is possible - although strongly discouraged for security and usability issues - to have the same event-based token on each phone. The same token can be provisioned on both phones by scanning the QR code on the first phone, resetting the token on the second phone, and rescanning the QR code on each phone. If this is done, the offline cache of OTPs may get out of sync if the user used one phone for a long period and then switched to the other phone.