Simple Hardware Token

Simple OTP (one-time password) hardware tokens are available at no cost for students, employees and affiliates who do not have a smart phone or other 2-Step device. Tokens are not available to alumni. You can use a token to generate passcodes over and over again, but each passcode works only one time. We recommend that you use a smart phone with Duo Push for the CalNet 2-Step. 

Obtaining a Token

If you need a Simple Hardware Token, you can pick one up on campus at the following locations. Tokens are not availble to alumni.

Students

If you are a student and need a Simple Hardware Token, you can pick one up from

• The Student Technology Services helpdesk. Visit https://studenttech.berkeley.edu/techsupport for current locations and hours.

Faculty and Staff
Faculty or Staff needing a token can obtain one in any of the following ways:

• Go to the ITCS Drop-in Location at 117 Dwinelle. Visit https://berkeley.service-now.com/kb?id=kb_article_view&sysparm_article=KB0014900 for current location and hours.
• Go to 1608 Fourth Street during regular business hours.
• Go to the Student Technology Services helpdesk. Visit https://studenttech.berkeley.edu/techsupport for current locations and hours.
• Open a ticket with ITCS to have a token shipped to you directly: calnet2-stephelp@berkeley.edu

Emeriti

• Emeriti and subscribers to retiree email service can email the UCB Retirement Center (UCBRC) at ucbrc@berkeley.edu to request a token.

Returning a Token

If you no longer need a simple hardware token, you can return yours by dropping it off at STS (see above), or return via ITCS Drop In hours at Dwinelle Hall. 

You can also return a token by sending it by postal or inter-office mail to: ITCS, 1608 4th street, Berkeley CA 94710

Using a Token

If you already have a Simple Hardware Token, you must register it before you can use it:

Step 1: Register your Simple Hardware Token

1. Register your token using this form: https://docs.google.com/forms/d/e/1FAIpQLSdk6SWJGMMzuJQwIUJ9y-eWcCS4bdGyIeycfXyW6yUa-zPLMQ/viewform

2. You will receive an email notification when your token is registered.

Step 2: Try it out

1. Once you have received confirmation that your token is registered, go to mycalnet.berkeley.edu’s Manage 2-Step Verification page.

2. Enter your CalNet ID and passphrase to log in as usual to the CAS screen.

3. If the security key is not your default mode of authentication, click Other options, then click the Security Key button.

    *If you are automatically logged in and the 2-Step prompt is bypassed, try either clearing cache/cookies(link is external) or using an incognito browser

3. Next, tap the red power symbol on your Simple Hardware Token. A numerical code will appear on the token’s screen.

   1. If you hold down the red button too long, it will display all; 8s. Let the token be until the screen clears, and try again.

5. Type the code that appears on your token into the field for the passcode on the 2-Step screen.

6. Click Verify. 

Ta da!  You have successfully done the 2-Step.

Note: You will see your token listed as a device when you log in to the 2-Step Device Control Panel.

Step 3: Print your backup passcodes

Before leaving mycalnet.berkeley.edu, please take a moment to click the blue Get Backup Passcodes button, and print your codes. Click here to find out more about backup passcodes.