What is the primary threat against physical tokens used for multi-factor authentication?

The primary threat to physical tokens is the possibility of theft or loss, which could result in unauthorized access. While it may be conceivable to clone tokens if the token's seed were known, the design of most tokens is intended to prevent reverse-engineering, making it necessary to breach the vendor or experience a similar issue to cause an exposure. Brute force attacks are not a realistic threat to most token implementations, nor is algorithm failure.