Multi-factor Authentication OTP Token Frequently Asked Questions

Q. What are OTP multi-factor authentication tokens?

A. OTP stands for "one-time password." These tokens are designed to attach to your key ring and travel with you. When you press the power button, the screen displays a 6-digit passcode that you have a limited amount of time to enter into Duo before it expires. If you see 888 888 on the screen, that means you held the button down for too long and activated the screen test feature. Wait for the screen to reset and then try quickly pressing and releasing the button to receive your code.

Q. How do I use my token to log in?

A. When Duo presents you with your device options for logging in, use the dropdown menu to select "Token" and then click on the Enter a Passcode button in order to enter the digits displayed on the token's screen. Do NOT include the space between the first three digits and the last three digits. The space is simply there to help you see the numbers more easily on the token's screen. If the passcode does not work, try generating another one and verify that you have selected "Token" from the dropdown menu.

Q. How many OTP tokens can I have?

A. Your Duo account can support multiple OTP tokens.


Q. Does my OTP token require a cellular or Wi-Fi connection to work?

A. No. The OTP token does not rely on any kind of network connection to function. If you want to know more about the technology behind the numbers, you can read all about one-time passwords on Wikipedia.


Q. What happens if I can't enter the passcode in time?

A. Don't worry about it. You can press the button again and enter the next code that appears. There is a limit to how many times you can do that, but the limit is generous enough that it is extremely unlikely that you will ever lock yourself out, and even if you did lock yourself out, we could reactivate your token later at the IT Helpdesk.


Q. What happens if the button gets pressed while the token is in my pocket or purse?

A. See the previous answer. It is extremely unlikely that you would ever lock yourself out from accidental button presses.


Q. What should I do if I lose my token or it is stolen? Can someone else use the token to access my account?

A. Not without your SOU account password, but you should still report the loss or theft right away to the IT Helpdesk (541-552-6900). We will deactivate the missing token so that it can no longer be used as an authentication factor for your account, and we will issue you a new token billed to your department.


Q. How much do these tokens cost?

A. Ask your Computing Coordinator or call the IT Helpdesk at 541-552-6900.