MFA: Hardware tokens
Information about purchasing and setting up hardware tokens for multi-factor authentication (MFA) on your Oxford Single-Sign On (SSO) account
What is a hardware token?
A hardware token or security key is a dedicated physical device that you plug into your computer or laptop that is used to authenticate your account. Once set up, it does not require any other devices, mobile data or internet connection for you to login to your account.
- A hardware token must be purchased before it can be used to authenticate your account
- You need to set up another authentication method before you can set up a Hardware token, so you will need a phone at initial set up
- After setting up a hardware token this will become your new first factor log in. There will be no requirement to enter an SSO password, as this will be replaced by the hardware token
- Support for using tokens will be provided by your local IT Departments
Yubico security key
Note: the user experience may vary slightly depending on the make, model and browser so this guide should be used in conjunction with the manufacturer’s instructions.
- Go to My Sign-Ins
- On the security info page click + Add Method
On the security info page click + Add Method
- In the drop-down menu click Security Key
In the drop-down menu click Security Key
- Click Add (Note: At this step the system may sometimes prompt you to login again)
- Select USB device
Select USB device
- A message will appear asking you to have your security key ready. Click Next
Have your key ready
- The following message may be displayed: "Your PC will redirect you to a new window to finish setup"
Your PC will redirect you to a new window to finish setup
- Click OK at the Security key setup
Security key setup
- Click OK to continue
Continue setup
- Insert your security key into the USB port
Insert your security key into the USB port
- Now choose a new security key PIN. Make sure you enter a PIN which you will remember. The PIN should be between 4 and 8 digits long. If you have setup the key previously, enter your existing PIN
Create a PIN for this security key
or
Enter your existing PIN
- Click OK
- You will be prompted to tap the security key for verification purposes
Touch your security key
- You may sometimes be prompted to enter your SSO password for additional verification. Type your password in and click Sign-In. If not, go to step 16
Enter your password
- You will be prompted to authenticate using your existing default method of authentication.
Please authenticate to continue - Enter a name for your key and click Next
Name your security key. This will help distinguish it from other keys.
- The system will confirm that the hardware token is set-up. Click Done
You're all set!
- The hardware token will appear on your security info page
The hardware token will appear on your security info page
Setting up a hardware token can only be done after another multi-factor authentication method has been set-up. This means that the hardware token is not automatically set as your default sign-in method.
This section will guide you through the process of how to make a hardware token your default sign-in method when logging in for the first time.
- Insert your hardware token into the USB port
- Select the account, which you would like to sign-in to, and go to step 3
If the account is not listed, click Use another account and choose, Sign-in options and Sign in with a security key then go to step 4
Select the account you want to login with
- The Oxford Single Sign-On page will display. Click Sign in with a security key
Click Sign in with a security key
- Enter your security key PIN and click OK
Please enter your security key PIN
- You will be prompted to tap the security key for verification purposes
Touch your security key
- The login process is complete, and the hardware token is now the default sign-in method.
For future sign-ins you will be prompted for the pin to unlock the hardware token, rather than your password.
