University of Toronto Logo

Information + Technology Services

Small normal big

User FAQs

eToken User FAQs

What is an eToken?

An eToken is a USB key that plugs into a USB port on your computer. It holds a Public Key Infrastructure (PKI) security certificate, which is an electronic certificate that uniquely identifies an individual to a computer.  Like SecurID Cards, eTokens will be issued individually to those who need them to access AMS or ROSI or to access other systems that require two-step authentication.

Where do eTokens fit in the user authentication process for AMS and ROSI?

Similar to a SecurID Card, the eToken is simply the first step in the two-step authentication process for AMS and ROSI.

Step 1:  Plug the eToken into a USB port on your computer, click the eToken icon and type in your eToken password
Step 2:  Click on the AMS or ROSI icon on your desktop and log in using the same AMS/ROSI username and password you have now.

When do I need to get an eToken?

Many, but not all, of the SecurID Cards issued in the University will expire October 31, 2014.  These cards will not be renewed and will be replaced by eTokens.  If your SecurID Card expires in October you will be receiving further communication from the eToken Department Administrator for your department or faculty.

The remaining SecurID Cards that expire in 2015 or 2016 will be replaced in the months following October 31st, 2014.  Your eToken Department Administrator may or may not wait until they expire to replace them.

How do I get an eToken?

Setting up a user to use an eToken on their individual computer is a twofold endeavor:  The installation of the software client on the desktop and the issuance of an eToken in the user’s name.  Both will be coordinated by the eToken Department Administrator for your department or faculty.

Can I still work from home?

Remote Access (RDP):  Users will still be able to work remotely using an eToken, providing several conditions are met:

  1. The remote computer is a PC with the Windows Operating System or a MAC that is running Windows.
  2. Remote access into the university desktop is already configured on that machine.
  3. One piece of new eToken software (SafeNet) is loaded onto the remote computer.
  4. The eToken is plugged into the remote computer.
What do I do if I have forgot my token at home?

If a token has been temporarily misplaced or forgotten it is treated no different than a lost eToken. It must be reported immediately to your Department Administrator so that it may be replaced, while the forgotten is to be revoked.  Once found the old eToken is to be returned to the administrator so that it may be used at a later date.

I forgot my password, what do I do?

While different departments may have different work flows and roles regarding eToken management password resets are always to be left to either an administrator or a help desk agent. All password resets must requested in person by the eToken User and done in house  for security purposes.

What do I do if my have lost my eToken?

If an eToken is lost it must be reported to your Department Administrator immediately. The DA will then replace the lost token while revoking all credentials on the missing token rendering it obsolete.