Skip to content Skip to site navigation Skip to service navigation

How to Use a Hardware Token for Two-Step Authentication

The hardware token is a two-step authentication device that generates and displays a six-digit passcode at the push of a button. The device does not need wireless access or a data connection. The battery life expectancy is four years. 

Get a hardware token

  1. Go to the Stanford ID Card Office (Tresidder Union, 2nd Floor). Bring your Stanford or government issued photo ID.  
  2. The ID Card Office staff will associate your SUNet ID to the serial number of a hardware token which will automatically set that token as your new default Stanford University two-step authentication device.

To change your default two-step authentication method from hardware token to another device, or to add a backup device such as a smartphone, tablet, or desk phone, please visit: To delete the token as an authentication device, you must return the token to the ID Card Office.

If your device is lost, stolen, or damaged you can get a replacement token for $25 from the ID Card Office. Your first token is free of charge.


  1. When you are prompted by WebAuth to enter an authentication code for two-step authentication, press the button on your hardware token to generate a new six-digit code.
    Note: The original Authenex token uses a time-based passcode that changes every 30 seconds; the new Fortinet token uses a button-pressed generated passcode that changes after 13 seconds.

    Two-step screen for hardware token
  2. Enter the six-digit passcode and click Go.
Last modified September 27, 2016