Using a token as your second factor
A hardware token is a small "key fob" device that will be used to generate passcodes at the press of a button. Hardware tokens must be registered before use.
First, you will need to acquire a token
1. Notify your department business manager or purchasing agent of your need for a token.
2. The department business manager or purchasing agent will email the Terrapin Technology Store (firstname.lastname@example.org) to request a quote for the number of tokens needed.
3. The Terrapin Technology Store will provide a price quote and delivery options to the department business manager or purchasing agent.
4. The department business manager or purchasing agent will provide a Kuali Financial System (KFS) number for payment and will select a delivery option.
5. The Terrapin Technology Store will confirm the purchase and provide a tracking number for the shipment.
6. Hardware Token(s) will be delivered to the Terrapin Technology Store.
7. The Hardware Token(s) is picked up or delivered as decided in step 4.
Second, you will need to register your token
1. To register your hardware token, visit the Multi-Factor Authentication portal or click Register Token on the right of the catalog entry page.
2. The Central Authentication Service window will open. Enter your university Directory ID and Password. Click Login.
NOTE: If you have already registered a device for MFA, you will need to use it to complete the authentication using Duo Push or by generating a passcode with your Duo Mobile app and pressing Log In. Otherwise, proceed to the next step.
3. Enter the serial number found on the back of your hardware token above the barcode into the Serial Number field.
NOTE: Serial numbers for hardware tokens commonly begin with DSEC prefix.
4. Choose the brand of token found on the front of your token from the Brand drop down menu.
NOTE: The hardware token brand will be either DUO or Gemalto.
5. Click Register Hardware Token.
6. You will receive a message indicating that the hardware token has been successfully registered. If you encounter errors, contact the Call Center at 301.405.1500.
7. You may now use the six (6)-digit passcode generated by the token to authenticate into MFA protected systems.
If you have successfully configured the token, you do not need to configure your phone as a second factor. You can proceed to the instructions on Using MFA to log-in after setup.