TOTP hardware tokens are keychain devices that display a 6 digit code (one time password). They must be pre-registered with your account by WSU.
WSU Recommendation
WSU does not recommend use of c200 TOTP hardware tokens to protect your WSU Account.
c200 tokens have a limited lifespan because they have a limited battery life and may lose synchronization with Okta. At the end of the device lifespan, they must be thrown away and replaced.
- MFA does not use any network
- Good Phishing Resistance
- Requires hardware token
- No self-service registration option
- Limited lifespan of device
How to Get a c200 TOTP token
WSU ITS purchased a limited number of c200 TOTP tokens. While supplies last, they can be requested by contacting the Crimson Service Desk
How to Set Up hardware TOTP
c200 TOTP tokens cannot be set up using self-service. Your token must be activated by ITS staff before delivery to you.
How to Use your TOTP hardware token
- Enter your username to login in to login.wsu.edu
- Enter your password when prompted*
- When prompted to select a security option, select "OTP c200"
- Press the power button on your TOTP token to display the next code
- Type the code displayed on the token into the Okta login widget
Hardware Recommendations
- Security Key C NFC - Yubico
- YubiKey 5C NFC - Yubico
- Titan Security Key - Google
Further Reading
https://its.wsu.edu/documents/2023/10/mfa-otp-c200-user-guide.pdf
https://www.nytimes.com/wirecutter/reviews/best-security-keys/