An eToken is a USB key that plugs into a USB port on your computer. It holds a Public Key Infrastructure (PKI) security certificate, which is an electronic certificate that uniquely identifies an individual to a computer. Like SecurID Cards, eTokens will be issued individually to those who need them to access AMS or ROSI or to access other systems that require two-step authentication.
Similar to a SecurID Card, the eToken is simply the first step in the two-step authentication process for AMS and ROSI.
Step 1: Plug the eToken into a USB port on your computer, click the eToken icon and type in your eToken password
Step 2: Click on the AMS or ROSI icon on your desktop and log in using the same AMS/ROSI username and password you have now.
Many, but not all, of the SecurID Cards issued in the University will expire October 31, 2014. These cards will not be renewed and will be replaced by eTokens. If your SecurID Card expires in October you will be receiving further communication from the eToken Department Administrator for your department or faculty.
The remaining SecurID Cards that expire in 2015 or 2016 will be replaced in the months following October 31st, 2014. Your eToken Department Administrator may or may not wait until they expire to replace them.
Setting up a user to use an eToken on their individual computer is a twofold endeavor: The installation of the software client on the desktop and the issuance of an eToken in the user’s name. Both will be coordinated by the eToken Department Administrator for your department or faculty.
Remote Access (RDP): Users will still be able to work remotely using an eToken, providing several conditions are met:
If a token has been temporarily misplaced or forgotten it is treated no different than a lost eToken. It must be reported immediately to your Department Administrator so that it may be replaced, while the forgotten is to be revoked. Once found the old eToken is to be returned to the administrator so that it may be used at a later date.
While different departments may have different work flows and roles regarding eToken management password resets are always to be left to either an administrator or a help desk agent. All password resets must requested in person by the eToken User and done in house for security purposes.
If an eToken is lost it must be reported to your Department Administrator immediately. The DA will then replace the lost token while revoking all credentials on the missing token rendering it obsolete.