Skip to content Skip to site navigation Skip to service navigation

How to Use a Hardware Token for Two-Step Authentication

The new Security Key is recommended over a hardware token. Unlike hardware tokens with batteries, a Security Key does not need batteries, and it lasts at least twice as long as a display token. Visit How to Use a Security Key for Two-Step Authentication.

The hardware token is a two-step authentication device that generates and displays a six-digit passcode at the push of a button. The device does not need wireless access or a data connection. The battery life expectancy is four years. 

Get a hardware token

  1. Schedule an appointment at the Stanford ID Card Office (Tresidder Union, 2nd Floor). 
  2. The ID Card Office staff will associate your SUNet ID to the serial number of a hardware token which will automatically set that token as your new default Stanford University two-step authentication device.

To delete the token as an authentication device, you must return the token to the ID Card Office.

If your device is lost, stolen, or damaged you can get a replacement token for $25 from the ID Card Office. Your first token is free of charge.

Authenticate with your hardware token

  1. You will always be prompted for your last-used authentication method.  If Hardware token was your last-used authentication method, retrieve your passcode from your hardware token. 

    • If Hardware token was not your last-used authentication method, click Other options.

    • In the Other options menu, select the Hardware token option. 

  2. Press the button on your hardware token to generate a new six-digit code.
    • Note: The Fortinet token uses a button-pressed generated passcode that changes after 13 seconds.

  3. Enter your passcode in the box and click verify.

  4. Once you have authenticated, you might see a screen that asks if you want to trust the browser. You’ll have the option to select “Yes, trust browser.” This takes the place of the “Remember Me” screen. 

    • If you click Yes, trust browser the browser will automatically remember you, and you will not be prompted to authenticate for that application or service for the next 90 days.

    • If you select No, do not trust this browser, you will still authenticate and continue onto your desired site; however, you will be prompted to re-authenticate each time you log into an application on that browser. 

    • Remember, public or shared computers shouldn’t be saved as trusted browsers.

Last modified January 31, 2023