About Hard Tokens

A hard token is an electronic device that generates one-time passwords for logging into a computer system. A hard token provides an extra layer of security called multi-factor authentication.

Hard tokens have acquired many different names here on campus, however, they all refer to the same device. Some names for tokens include DES token, authentication token, two-step authentication token, two-factor authentication token, multi-factor authentication token, PIN generator, Duo token, or just 'token.'

Request an MFA Token

To request an MFA token, contact the IT Services Desk at (805) 893-5000 or x5000.

Using the MFA Token

a) To authenticate using a hardware token, click the “Enter a Passcode” button. Press the button on your hardware token to generate a new passcode, type it into the space provided, and click “Log In” (or type the generated passcode in the Second Password field). Using the “Device:” drop-down menu to select your token is required before entering the passcode.

*NOTE: For specific instructions on how to select your MFA factor during the VPN client process, visit https://www.it.ucsb.edu/pulse-secure-campus-vpn/get-connected-vpn and select the appropriate operating system under the heading ‘Instructions and Software.'

Lost MFA Tokens 

a) Please contact our service desk at (805) 893-5000 or x5000.

Returning an MFA Token

a) Please contact our service desk at (805) 893-5000 or x5000.

You can also view, download, or print a PDF of the instructions.


Hard Token FAQs

There is one token that is supported for use with Duo:

UCSB MFA Duo hard token

No, unused tokens should be returned to the Core IT Service Desk. If you are a department staff and need a token assigned to a person in your department, please have the user call x5000 for further assistance.

No, you will receive the hard token preregistered to your account. You may begin using it immediately.

When you are prompted for a two-factor authentication code, you press the button on the front of the hard token. The token will display a six-character passcode, which you enter at the prompt.

Contact the IT Services Service Desk at (x5000) immediately if your hard token is lost or stolen so they can lock the hard token and send you a replacement. 

Hard tokens operate like any battery-operated device in that they will eventually stop working and need to be replaced. If you are having a problem with a Duo token (no longer generating a passcode, with either a corrupt or blank display), contact the IT Services Service Desk at (x5000) so they can send you a replacement. 

Tokens that no longer work are e-waste.