Token2 C202

[Cyrille Mixtapes]

Afteryou have received your hardware token from Token2, you will need to request a .CSV file from the supplier.

The .CSV file contains information such as Serial Number, Secret Key, Time interval, manufacturer and model of the hardware keys.

Since this file contains a secret key, it is important that this file is kept encrypted, at both rest and in transit.

When you request the .CSV file from token2, you will be able to use PGP encryption to ensure a high level of security.

The .CSV file will need to be modified, where you simply attach a UPN to the serial number of each hardware key located on the back of the physical key.

You have now successfully sign-in using your OATH TOTP Hardware token.

Now you might wonder, what will happen if you would like to verify your sign-in using the verification code from the Microsoft Authenticator app? It will work just fine, even if you have several OATH TOTP hardware tokens configured on the same Azure AD account.

Question: Does the OATH TOTP hardware tokens works with Self Service Password reset?

Answer: Yes, but depending on the SSPR configuration you might need to add several methods.

Question: What will happened with the hardware token when an employee leaves the company?

Answer: The hardware token can be reused through the following steps:

1. Delete the hardware token from Azure AD

2. Modify the .CSV file and match the serielnumber of the hardware token with a new user (UPN)

3. Upload the .CSV file and verify the hardware token, the new user is now good to go.

Question: What will happend if the end-user by mistake deletes the hardware token from the security info portal?

Answer: The hardware token will automatically be inactivated in Azure AD, the end-user will need to contact the administrator that will be required to re-activate the hardware token.

3a8082e126