Overview
UW Information Technology provides a Token Authentication Service for access to more sensitive UW applications.
Updates
- 31-May-2011 - Last batch of SecurIDs expire tonight (techsupport list subscribers only)
- 12-Nov-2009 - Self Service Entrust Token Management Released
- 05-Dec-2008 - Gradual replacement of SecurIDs with Entrust tokens (techsupport list subscribers only)
Purpose
This higher-assurance authentication service provides authentication using Entrust tokens. It creates a "two-factor" authentication solution: where "something you know" – a password or PIN – is combined with "something you have" – a secure device that displays a secret value. A two-factor authentication system provides better security than a single-factor system (such as regular UW NetID + password authentication) because an attacker must obtain both the user's password and their device to impersonate them.
Token authentication is used for applications that require a higher level of authentication security. Primarily, these are central university administrative applications and functions.
Getting Started
Web-based applications can leverage token authentication by using Pubcookie or Shibboleth configured with the appropriate authentication type or session initiator, respectively.
External Links
Support
Contact help@uw.edu if you have questions about the Token Authentication Service.