Manage MFA Hardware Token As Duo User Manager
Hardware token asset management
An ID Notary will keep track of and assign tokens. If there isn't an IT Notary designated in a Department or Unit, the customer would need to contact the IT Service Center and have a DUO Manager remove the token from the user's account.
If you are no longer employed by the University of Maryland, system access and authorization will be revoked as part of the normal off boarding procedure. Department staff must collect hardware tokens before separation from the university.
Agent authorization/Credentials required
IT-Support-HelpDesk-Student that is a Duo User Manager
MFA (Duo) device
This is a Tier 1 activity
Information required from customer
- Name and Directory ID from the owner of the token
- Token Serial Number (located on the back above the bar code)
Steps to complete procedure
- Collect User Directory ID and name for the owner of the token.
- Create Incident for User.
- Log into duo.com (only someone who is a User Manager can do this).
- Click 2FA Devices.
- Click Hardware Tokens.
- Enter the Token Serial Number in the search box next to Reports, then click on the Serial Number.
- Click Remove.
- The token should no longer have any users attached to it.
- A new user for the reclaimed token must go to the MFA Hardware Token Registration page to register.
- Department Staff must collect hardware tokens that are no longer needed or used (i.e. when someone decides to use a Smartphone or Tablet instead).
- An ID Notary will re-assign the Token to someone else, as well as remove it from the account from where it is being reclaimed.
- I. A new user for the token needs to go to the MFA Hardware Token Registration page to register a new token.
When someone leaves, what do I do with old tokens?
- Give them to Department Staff that is in charge of managing the tokens (such as an IT Support position, Business Manager, Assistant-Director, or Director).
- A Duo Admin should then go into the system and remove the account from the token, so that it can be re-used within the Department.
Management of token
- An ID Notary will keep track of and assign tokens.
- Hardware tokens run on batteries, and are only expected to last for five years, after which time they would need to be replaced by the Department or Unit.