Third-Party Hardware Tokens

You can use third-party hardware tokens with AuthPoint multi-factor authentication. To do so, you must:

Each AuthPoint user can have up to 20 software tokens and any number of hardware tokens.

Supported Hardware Tokens

Third-party hardware tokens must meet these requirements:

  • Response Format — Six-digit time-based OTP that includes only numbers with a 30 or 60 second time interval
  • Algorithm — OATH time-based OTP (RFC 6238)
  • Seed Delivery — OATH PSKC file (RFC 6030)

Import Hardware Tokens to AuthPoint

When you import third-party hardware tokens into AuthPoint, you must upload a seed file and provide a key.

  • Seed File — The seed file is a Portable Symmetric Key Container (PSKC) file that is used to import hardware token information into AuthPoint. This file contains device information for each hardware token. The accepted file types for a seed file are .XML, .PSKC, .TXT, and .VIP.
  • Key — The key is used to decrypt the seed file so AuthPoint can validate the one-time passwords (OTPs) that the hardware tokens generate. The key can be a string of characters that you type in AuthPoint or a file that you upload. The accepted file types for a key file are .TXT and .BIN.

You receive the seed file and key from your hardware token vendor. The seed file must be encrypted.

To import third-party hardware tokens:

  1. From the AuthPoint management UI, select Hardware Tokens.
    The Hardware Tokens page appears.
  2. Click Import Hardware Tokens.

  1. Type or paste the Key. Or, if you have a key file, select Upload key file and upload the file. The accepted file types for a key file are .TXT and .BIN.

    You receive the key from your hardware token vendor.

  1. In the Select a seed file section, drag and drop your seed file. Or, click Select a file to import and select your seed file. The accepted file types for a seed file are .XML, .PSKC, .TXT, and .VIP.

  1. (Optional) If you only want to import some of the hardware tokens, select Select tokens to import. You might do this if you purchased a large batch of hardware tokens that you want to import to several different accounts.

  1. Select the tokens to import.

  1. Click Import.
    Your hardware tokens are imported and the you see a page with the import details.

For more information about import details, see Hardware Token Import Details.

Assign a Hardware Token to a User

You can assign hardware tokens to a user from the Hardware Tokens page or the Users page.

Activate a Hardware Token

After you assign a hardware token to a user, you must activate the token before it can be used for authentication. You can activate hardware tokens from the Hardware Tokens page or the Users page.

Authentication with Hardware Tokens

You can use hardware tokens to authenticate with an OTP. You authenticate with hardware tokens the same way you authenticate with the software tokens on your phone. When you access a resource that requires authentication, select the option to authenticate with OTP and type the OTP shown on your hardware token.

For more information, see About Authentication.

Filter the Hardware Tokens List

You can apply filters to the list of third-party hardware tokens so that it is easier to see specific tokens. You might do this after you import a large number of hardware tokens if you want to see only specific tokens in the list, such as unassigned tokens or tokens that have a specific status.

To apply filters to the hardware tokens list:

  1. Click .
    The Filter Hardware Tokens window appears.

  1. Select the filters you want to apply. You can select multiple filters.

  1. Click Apply Filters.

Each filter that you apply appears at the top of the hardware tokens list. To remove a filter, click next to the filter label.

See Also

Hardware Token Import Details

About Authentication

Block a User or Token

Add New Software Tokens

Activate a Software Token