A security token is a case-sensitive alphanumeric code that you append to your password or enter in a separate field in a client application.
Why security token is required ?
When you access Salesforce from an IP address that’s outside your company’s trusted IP range using a desktop client or the API, you need a security token to log in.
Since the security token is always tied with the user’s password, anytime a password reset is performed it will generate a Security token to be sent to the user. If the option is missing during the password reset process, there will not be a security token sent to the email address of the user.
How to get Security Token?
Click on your name at top right side in Salesforce org > My Setting > Personal .
Click Reset My Security Token > Reset Security Token. The new security token is sent to the email address.
Troubleshoot the missing of “Reset My Security Token” option
There are few possible scenarios where the user cannot request a security token.
Verify if IP Restrictions are added to the Login IP Ranges:
If there are any IP range values defined then Reset My Security Token option will not be available.
(E.g. Start IP: 18.104.22.168 End IP: 22.214.171.124)
In order for the option Reset My Security Token to appear you will need to first either remove the Login IP Ranges or change the user to a profile that does not have any Login IP Ranges listed.
Salesforce classic UI
If the Salesforce edition is Unlimited, Performance or Enterprise, System Administrators can verify if there are IP values in the Login IP ranges by selecting: Setup | Manage Users | Users | Profile| Profile name | Login IP Ranges.
If the Salesforce edition is Professional, Group or Contact Manager, IP Restrictions are located in the Session Settings, instead, system administrators can verify this by going to: Setup | Security Controls | Session Settings.
“Know more about Salesforce Consulting at Techila”