Using hardware tokens
DIGIPASS 280 token
The DIGIPASS 280 token is a synchronous hardware token that allows you to authenticate and get access to resources protected by Defender.
To authenticate and access resources protected by Defender, use the one-time password (OTP) application of the DIGIPASS 280 token (the OTP1 and OTP2 buttons). Currently, Defender does not support the e-signature application of the token (the SIGN1 and SIGN2 buttons).
The DIGIPASS 280 token works in synchronous mode. During the authentication process, the token generates an internal challenge. That challenge is based on an internally generated time clock. For successful authentication, Defender and the DIGIPASS 280 token must agree on the value in the token's time clock.
The value in the token’s time clock can become out of sync with Defender. If this happens, you will not be able to use the token for authentication. In this case, contact your system administrator.
Before you start using the DIGIPASS 280 token for authentication, you need to register it. You can either have the system administrator register the token for you or you can register the token yourself.
Your system administrator may configure a special Web site called the Defender Self-Service Portal where you can register hardware tokens. Contact your system administrator to learn if you can use the Defender Self-Service Portal to register hardware tokens and to obtain the address (URL) of the portal Web site. For more information, see Registering a hardware token.
Authenticating with DIGIPASS 280 token
To authenticate with the DIGIPASS 280 token
- Access the resource protected by Defender.
A sign-in screen appears. If prompted, enter your user ID.
- Use your DIGIPASS 280 token to generate a token response, also known as one-time password (OTP):
- Press the power button to turn on the token.
- When Pin appears on the token display, use the token keyboard to type the token PIN given to you by your system administrator.
- When SELECT appears on the token display, press the OTP1 or OTP2 button on the token to generate a one-time password.
To generate the next one-time password, press the C or OK button, and when SELECT appears on the token display, press the OTP1 or OTP2 button.
- Enter the generated OTP on the sign-in screen to authenticate and get access to the protected resource.
IMPORTANT: Ask your system administrator which token button your should press to generate OTPs: OTP1 or OTP2. Your token may be configured so that for certain protected resources only one of these buttons generates valid OTPs.
DIGIPASS 301 CV token
The DIGIPASS 301 CV token is hardware token that allows you to authenticate and get access to resources protected by Defender.
The DIGIPASS 301 CV is designed specifically for visually impaired people. This hardware token has an internal speaker and can be used with headphones attached.
The DIGIPASS 301 CV is capable of converting generated one-time passwords (OTPs) into speech, so that token users could hear the OTPs through the internal speaker or attached headphones. This hardware token also provides speech-based user guidance and feedback of entered data and the functions the user selects.
With Defender, the DIGIPASS 301 CV token works in synchronous mode. During the authentication process, the token generates an internal challenge. That challenge is based on an internally generated time clock. For successful authentication, Defender and the DIGIPASS 301 CV token must agree on the value in the token's time clock.
The value in the token’s time clock can become out of sync with Defender. If this happens, you will not be able to use the token for authentication. In this case, contact your system administrator.
Before you start using the DIGIPASS 301 CV token for authentication, you need to register it. You can either have the system administrator register the token for you or you can register the token yourself.
Your system administrator may configure a special Web site called the Defender Self-Service Portal where you can register hardware tokens. Contact your system administrator to learn if you can use the Defender Self-Service Portal to register hardware tokens and to obtain the address (URL) of the portal Web site. For more information, see Hardware Token.