Simple hardware token verification will be turned off for employees and affiliates on March 18th, 2025
For more information see: https://calnet.berkeley.edu/news/new-multi-factor-authentication-enhancements
Overview
A Simple OTP (One-Time Password) hardware token is a security device or software application that generates a unique, single-use code for authentication, often used in multi-factor authentication (MFA) systems to enhance security beyond standard passwords. You can use a token to generate passcodes repeatedly, but each passcode works only once. We recommend using a smartphone with Duo Push for the CalNet 2-Step.
Obtaining a Token
Students:
For students without smartphones, simple OTP (one-time password) hardware tokens are available at no cost and can be picked one up from the Student Technology Services helpdesk. Visit https://studenttech.berkeley.edu/techsupport for current locations and hours.
Staff, faculty, and student employees:
Simple hardware tokens are inappropriate for staff, faculty, and student employees. The campus will provide Security Keys at no cost for those populations without smartphones.
Alumni:
Tokens are not available to alumni.
Returning a Token
If you no longer need a simple hardware token, you can return yours by dropping it off at STS (see above), or return via ITCS Drop In hours at Dwinelle Hall.
You can also return a token by sending it by postal or inter-office mail to: ITCS, 1608 4th street, Berkeley CA 94710
Using a Token
If you already have a Simple Hardware Token, you must register it before you can use it:
Step 1: Register your Simple Hardware Token
-
Register your token using this form: https://docs.google.com/forms/d/e/1FAIpQLSdk6SWJGMMzuJQwIUJ9y-eWcCS4bdGyIeycfXyW6yUa-zPLMQ/viewform
-
You will receive an email notification when your token is registered.
Step 2: Try it out
-
Once you have received confirmation that your token is registered, go to mycalnet.berkeley.edu’s Manage 2-Step Verification page.
-
Enter your CalNet ID and passphrase to log in as usual to the CAS screen.
-
If the security key is not your default mode of authentication, click Other options, then click the Security Key button.
*If you are automatically logged in and the 2-Step prompt is bypassed, try either clearing cache/cookies(link is external) or using an incognito browser
-
Next, tap the red power symbol on your Simple Hardware Token. A numerical code will appear on the token’s screen.
-
If you hold down the red button too long, it will display all; 8s. Let the token be until the screen clears, and try again.
-
-
Type the code that appears on your token into the field for the passcode on the 2-Step screen.
- Click Verify.
Ta da! You have successfully done the 2-Step.
Note: You will see your token listed as a device when you log in to the 2-Step Device Control Panel.
Step 3: Print your backup passcodes
Before leaving mycalnet.berkeley.edu, please take a moment to click the blue Get Backup Passcodes button, and print your codes. Click here to find out more about backup passcodes.