Overview
Tokens are a small hardware device (pictured below) that generates passcodes on demand to use with the Duo two-step login. You can request a token by filling out the Duo Hardware Token Request Form. Upon requesting a token, you will be asked to verify ID in person or via Zoom.
1. Power button - Press to generate a code that can be used for the two-step login
2. Timer - Countdown indicating when passcode will expire (10 - 15 seconds)
3. Generated Code - 6-digit passcode that can be used on the two-step login
Critical Concepts
- A passcode can also be generated from within the Duo phone or tablet app. The app-generated passcode is accessible even without a cell or wifi connection. Whether you're on a flight or a ship, traveling internationally or working in a subterranean bunker, if you're using the app and have the device, you should be covered.
- It is best practice to register multiple two-step login devices. Even with a token, you'll want a backup plan for the day you lose it or leave it at home. Therefore, we recommend setting up various devices to complete two-step login to ensure you have multiple options.
- Passcodes generated from the hardware token are only good for a single-use. Also, previous passcodes expire when you generate a new one on the token.
Steps to Take
Generate & Use a Passcode
- You can generate a passcode by pressing the power button (do not hold down)
- A 6-digit passcode will now appear on screen. This passcode will be valid until the timer expires (10-15 seconds).
- Enter passcode on two-step login. To use your passcode for two-step verification:
- On Single Sign-On Applications: When you receive the prompt for two-step verification:
- click Other Options
- click Hardware token
- enter the passcode on your token
- click Verify
- On UCSD VPN: See the Duo Two-Step Login on VPN article for steps to take to use two-step passcodes on the VPN.