When a computer user is granted access to certain capabilities of a computer he is often given a password signifying these capabilities. A problem arises in that unauthorized users may copy the password and so gain access to the capabilities. In the present invention an enciphered message relating to capabilities is stored in the tamper-resistant store of a circuit contained by a token. The store also holds the secret key of a public key encryption system so that the enciphered message and a distinctive message can be transformed ("signed") using the secret key and passed to the computer. The corresponding public key may then be used by the computer to carry out an inverse transverse form and check the enciphered and distinctive messages against signals sent from the token. If this check is successful the required access is granted. Preferably the public key is part of the enciphered message, especially where the token grants access to a distributed or fragmented computer system, since this avoids the necessity of making public keys available throughout a computer system.