Simple OTP (one-time password) hardware tokens are available at no cost for students, employees and affiliates who do not have a smart phone or other 2-Step device. Tokens are not available to alumni. You can use a token to generate passcodes over and over again, but each passcode works only one time. We recommend that you use a smart phone with Duo Push for the CalNet 2-Step.
Obtaining a Token
If you need a Simple Hardware Token, you can pick one up on campus at the following locations. Tokens are not availble to alumni.
Student Technology Services (STS)
If you are a student and need a Simple Hardware Token, you can pick one up from the Student Technology Services helpdesk. Visit https://studenttech.berkeley.edu/techsupport for current locations and hours.
IT Client Services (ITCS)
Employees and affiliates may submit a ticket to calnet2-stephelp@berkeley.edu to set up an appointment to obtain a hardware token. You can also submit a ticket for ITCS to ship a token directly to your address.
- 1608 Fourth St, Berkeley, CA 94710
UCB Retirement Center (UCBRC)
Emeriti and subscribers to retiree email service can email ucbrc@berkeley.edu to request a token.
Returning a Token
If you no longer need a simple hardware token, you can return yours by dropping it off at STS (see above), or return via ITCS Drop In hours at Dwinelle Hall.
You can also return a token by sending it by postal or inter-office mail to: ITCS, 1608 4th street, Berkeley CA 94710
Using a Token
If you already have a Simple Hardware Token, you must register it before you can use it:
Step 1: Register your Simple Hardware Token
-
Register your token using this form: https://docs.google.com/forms/d/e/1FAIpQLSdk6SWJGMMzuJQwIUJ9y-eWcCS4bdGyIeycfXyW6yUa-zPLMQ/viewform
-
You will receive an email notification when your token is registered.
Step 2: Try it out
-
Once you have received confirmation that your token is registered, go to mycalnet.berkeley.edu’s Manage 2-Step Verification page.
-
Enter your CalNet ID and passphrase to log in as usual to the CAS screen.
-
If the security key is not your default mode of authentication, click Other options, then click the Security Key button.
*If you are automatically logged in and the 2-Step prompt is bypassed, try either clearing cache/cookies(link is external) or using an incognito browser
-
Next, tap the red power symbol on your Simple Hardware Token. A numerical code will appear on the token’s screen.
-
If you hold down the red button too long, it will display all; 8s. Let the token be until the screen clears, and try again.
-
-
Type the code that appears on your token into the field for the passcode on the 2-Step screen.
- Click Verify.
Ta da! You have successfully done the 2-Step.
Note: You will see your token listed as a device when you log in to the 2-Step Device Control Panel.
Step 3: Print your backup passcodes
Before leaving mycalnet.berkeley.edu, please take a moment to click the blue Get Backup Passcodes button, and print your codes. Click here to find out more about backup passcodes.