Simple OTP (one-time password) hardware tokens are available at no cost for anyone who does not have a smart phone or other 2-Step device. You can use a token to generate passcodes over and over again, but each passcode is only good to use one time. We recommend that you use a smart phone with Duo Push for the CalNet 2-Step.
Obtaining a Token
If you need a Simple Hardware Token, you can pick one up on campus at the following locations:
Student Technology Services (STS)
If you need a Simple Hardware Token, you can pick one up from the Student Technology Services helpdesk. Visit https://studenttech.berkeley.edu/techsupport for current locations and hours.
IT Client Services (ITCS)
You must submit a ticket to firstname.lastname@example.org to set up an appointment to obtain a hardware token. You can also submit a ticket for ITCS to ship a token directly to your address.
- 1608 Fourth St, Berkeley, CA 94710
UCB Retirement Center (UCBRC)
Subscribers to retiree email service and campus emeriti can email email@example.com to request a token.
Using a Token
If you already have a Simple Hardware Token, you must register it before you can use it:
Step 1: Register your Simple Hardware Token
Register your token using this form: https://docs.google.com/forms/d/e/1FAIpQLSdk6SWJGMMzuJQwIUJ9y-eWcCS4bdGyIeycfXyW6yUa-zPLMQ/viewform
You will receive an email notification when your token is registered.
Step 2: Try it out
Once you have received confirmation that your token is registered, go to mycalnet.berkeley.edu’s Manage 2-Step Verification page.
Enter your CalNet ID and passphrase to log in as usual to the CAS screen.
If the security key is not your default mode of authentication, click Other options, then click the Security Key button.
*If you are automatically logged in and the 2-Step prompt is bypassed, try either clearing cache/cookies(link is external) or using an incognito browser
Next, tap the red power symbol on your Simple Hardware Token. A numerical code will appear on the token’s screen.
If you hold down the red button too long, it will display all; 8s. Let the token be until the screen clears, and try again.
Type the code that appears on your token into the field for the passcode on the 2-Step screen.
- Click Verify.
Ta da! You have successfully done the 2-Step.
Note: You will see your token listed as a device when you log in to the 2-Step Device Control Panel.
Step 3: Print your backup passcodes
Before leaving mycalnet.berkeley.edu, please take a moment to click the blue Get Backup Passcodes button, and print your codes. Click here to find out more about backup passcodes.