What is an eToken?
- The University’s High Assurance Access Service is a method of authentication that provides higher ‘assurance’ of identity greater than just use use of username and password
- Multi factor authentication is one method of authentication that provides high assurance and is often classified as something you have and something you know
- The eToken is the University’s multi-factor authentication product which has replaced the use of SecurID
Why Do I Need one?
- Assurance levels are used to classify technology and practices that limit unauthorized and fraudulent access to information
- Assurance levels are matched to the value and risk of the application and information being protected
- This matching is done based on threat-risk analyses of the applications to be protected
- Applications that collect, use, or disclose private and/or sensitive information should make use of multi-factor authentication to provide high assurance of identity
Who needs an eToken?
The services and applications that make use of eTokens at the University are ever expanding.
Here is a list of enterprise level applications that currently make use of eToken authentication. If you are University staff who use one of the systems listed below it is likely you will need an eToken.
Please Note: Various departments have integrated eToken authentication into departmental specific applications or services. Your business Officer will notify you of any departmental requirements for eToken use.
How do I get one?
eTokens are considered University assets and are managed at a departmental level.
If You are a New Employee at the University …
- Contact your department’s eToken administrator
- To Access a list of current token admins. Please visit our eToken Admin checklist. You can Log-in to the view the list by providing your UTORid and UTORid password
- If your department administrator is not listed or if you seek additional assistance please contact your business officer
Please Note: You must have an active employee status and active UtorID in order to obtain an eToken. Should you require assistance with UTORid activation please visit the UTORid: Activation page
If You are an existing staff member transferring to a new department…
Given the new funding model, there is no reason for a department to take back the eToken of a person who is changing positions. If a person is leaving the University or taking a role in which they will not use an eToken, it should be retrieved and unassigned by an eToken administrator.
High Assurance Access Service
There is growing acceptance of the need to design online access services that are used with high value applications to provide higher assurance of identity than UTORid plus password alone. Assurance levels are used to classify technology and practices that limit unauthorized and fraudulent access. Assurance levels are matched to the value and risk of the application being protected. This matching is done based on threat-risk analyses of the applications to be protected. This site describes new procedures and tools to implement and use high assurance authentication tools and practices for online access to University services such as ROSI, AMS, and others that deal with sensitive information.
For eToken issues and web service login issues, please visit our Contact page.