Uses the client IP to issue the token. That means it will work only if the IP is fixed for all users.
If the IP changes between the form display and the submit, the user will receive an error.
If you are using a proxy, you could encounter some troubles.