Two-factor Authentication Token Frequently Asked Questions
Q.What are two-factor authentication tokens?
A. Sometimes referred to as usb security keys, a token, when the button is pressed, automatically enters a 6-digit passcode at the Duo two-factor authentication prompt.
A variety of tokens are shown here:
Q. Can I use a token as my primary two-factor authentication method?
A. Yes, both staff and students may use a two-factor authentication token upon request. However, use of a mobile device and DUO mobile is preferred.
Q. Are there limitations on using a token?
A. Yes, there are some limitations to tokens.
First, you must be using a device with a compatible USB port and the USB port must not be disabled (some kiosks and computer labs disable USB ports for security reasons). At this time, only USB A tokens are available.
Second, you must use a supported browser. Google Chrome and Opera support tokens natively. Firefox now supports tokens, but support must be enabled in the browser on any computer you want to use your token. To do so, follow these step by step directions:
- Type "about:config" (without quotes) into the Firefox address bar and press Enter
- Search for “u2f”
- Double-click on security.webauth.u2f to enable U2F (or right-click and select Toggle)
For assistance with this process, contact your IT Pro or the IT Help Desk.
Q. How do I obtain a token?
A. To order a token please complete this form: https://support.ewu.edu/support/catalog/items/111
Eastern will only provide the first token free of charge.
Any replacement must be purchased and enrolled by the end user.
For assistance with enrollilng a replacement token please see our solution article, How to enroll a YubiKey for Duo 2FA.
Q. My token is lost, damaged, or stolen. What do I do?
A. Report damaged, stolen, or lost tokens immediately to the Information Technology department so the token can be disabled. Departments and/or Individuals are responsible for any replacement charges.
Q. I am a departing employee, what do I do with my token?
A. Much like other university property, you are required to return your two-factor token.