. .

What's New?

ODS VPN BuckeyePass Information

Users of the ODS VPN will soon be required to use the BuckeyePass Token to authenticate. Check out the BuckeyePass website for information.

PGP Encryption

Departments and colleges around the university began implementing this encryption technology. Resources are available for Department Network Administrators (DNAs)

Hot Topics

Incident Response

BuckeyePass Token FAQ

Below are commonly asked questions about BuckeyePass Token. If your question is not shown below or you need additional information, please contact 8help at 8help@osu.edu or 614-688-HELP (4357).

General Questions

  1. What is the BuckeyePass Token?
  2. How do I activate my BuckeyePass Token?
  3. Why do I need a BuckeyePass Token?
  4. What do I do if I lose my BuckeyePass Token? Who do I report my lost token to? How do I replace a lost token?
  5. When does my token expire?
  6. What do I do if I need to work from home or a location other than my office?
  7. What do I do if I forget my activation password?
  8. What do I do if I forget my activation code?
  9. What is the difference between my PIN and my passcode?
  10. Where do I go to get my token?
  11. What do I do if I forget my PIN?
  12. What are the security Q&A? Why do I need to set these up?
  13. What if my USB port is broken or inoperable? Can I still use the token?
  14. What do I do if I forget my token at home?
  15. What is the value of the token?
  16. Is there a battery in the token?
  17. How does the token know that the six digits are correct?
  18. What if my token isn’t working?
  19. What do I do if my token is damaged?
  20. I am transferring to another department/unit. Can I use the same token?

Managers/Human Resource Professionals

  1. What happens to the token when an employee terminates?
  2. What do I need to know about employees transferring?
  3. Who do I report new hires, transfers, terminations, or retirements to?
  4. Am I responsible for recovering the token from employees leaving the university or my department/unit?

General Questions

What is the BuckeyePass Token?

The BuckeyePass Token is the second component of the two-factor authentication system that is being installed on critical information systems. The token itself has a series of six numbers (tokencode) that changes every 60 seconds, and is used in conjunction with your alpha-numeric PIN code when you log into a system.

How do I activate my BuckeyePass Token?

Activating the BuckeyePass token is easy! Go to the https://buckeyepass.osu.edu web site, and click on “Activate an approved token”, and follow the directions. Once you’ve followed the directions, you must also return to the BuckeyePass home page, and click on “Set Up Q&A Authentication” for your activation to be complete.

Why do I need a BuckeyePass Token?

The system that you’ll be using has very sensitive information contained within it. This information is very important, and access to the information needs more secure authentication than a password alone can provide.

What do I do if I lose my BuckeyePass Token? Who do I report my lost token to? How do I replace a lost token?

You must call the IT Service Desk at 614-688-HELP (4537) and report the token lost. Then, request a new token from the web site.

When does my token expire?

Each token has an expiration date imprinted on the back of it.

What do I do if I need to work from home or a location other than my office?

Some applications are very limited as to where they can be accessed. Please check with your system administrator for details regarding access from other locations. If the system allows remote access, your BuckeyePass token will work just as it would in your office.

What do I do if I forget my activation password?

The activation password is very important to the activation process. If you have received a token, and have forgotten your activation password, the token must be returned to IT Service Desk, 25 Central Classroom Building, and you must request a new token.

What do I do if I forget my activation code?

If you have forgotten your activation code, please call the IT Service Desk at 8-HELP (688-4357) and your activation code can be e-mailed to you.

What is the difference between my PIN and my passcode?

This terminology can be very confusing. With 2-factor authentication there are two components that you need to provide to authenticate. The two factors are “something you have” and “something you know”. Like when using your ATM Card, the PIN code is something that you must know to authenticate.
However, unlike when using your ATM Card, the BuckeyePass PIN code can be either upper or lowercase letters or numbers, or a combination of upper- and lowercase letters and numbers. The TOKENCODE a 6-digit number that appears in the display window of your token. This number changes every 60 seconds, and there is a small gauge to the left of the numbers that gets smaller as the 60 seconds expire.
The PASSCODE is a combination of your PIN code and your tokencode. If your alpha-numeric PIN is GoBucks, and your token displays the numbers 123456, your PASSCODE is GoBucks123456.

Where do I go to get my token?

Your application manager will instruct you on where to get your token.

What do I do if I forget my PIN?

Navigate to the https://buckeyepass.osu.edu web site, and click on “Change Your PIN”. The next screen will display a drop-down menu asking you for an “Authentication Method”. Select “Q&A”, and follow the instructions to reset your PIN.

What are the security Q&A? Why do I need to set these up?

The Q&A authentication is set up for your ability to manage your token via the https://buckeyepass.osu.edu website. If you’ve forgotten your PIN, you’ll need to answer the questions that you set up via Q&A.

What if my USB port is broken or inoperable? Can I still use the token?

Yes, the USB port does not effect the use of the token.

What do I do if I forget my token at home?

Your token is required to log into critical applications. You may request an additional temporary token with proper ID, but remember, the request must be approved by your application manager. It may be better to just go home and get your token.

What is the value of the token?

There is a cost to replace lost tokens. An effort is currently underway to determine who bears the lost token charge (the department or the user) and how much that charge will be. Once these questions are resolved, the information will be posted here. Setting aside the replacement cost issue, a lost token will require your time and effort to replace - put the token on your keychain or lanyard to ensure that you do not lose it.

Is there a battery in the token?

Your token does not have a battery that can be replaced. However, tokens have a shelf life of approximately 3 years. There is an expiration date on the back of your token. There will be another distribution of new tokens a few months prior to that expiration date.

How does the token know that the six digits are correct?

The token is synchronized with the token server each time you log in. Every time the number on the token changes (every 60 seconds) it changes on the server too.

What if my token isn’t working?

Go to the BuckeyePass website and select Test Your Token. If your token still continues to not work, then call 8-HELP (688-4357).

What do I do if my token is damaged?

If your token is damaged, and is unreadable, you must get a replacement. Request a replacement from the BuckeyePass web site.

I am transferring to another department/unit. Can I use the same token?

When you transfer, you should turn your token in to your application manager. If you need a token in your new department, a new one will be assigned.

Managers/Human Resource Professionals

What happens to the token when an employee terminates?

When the token is turned in to OIT Customer Services, it is de-assigned from the current user, and reassigned to a different user.

What do I need to know about employees transferring?

Tokens must be returned to OIT Customer services when an employee transfers.

Who do I report new hires, transfers, terminations, or retirements to?

New hires should request a new token from the web site, or the hiring manager may also request a token for this user from the web site. Transferred, terminated, and retired employees should return the token to you, and you should send an e-mail to 8-HELP@osu.edu indicating that the token should be disabled. The token is to be turned in to OIT Customer Services as soon as possible.

Am I responsible for recovering the token from employees leaving the university or my department/unit?

Yes. Tokens should be treated the same as keys. Please collect the token when the employee leaves the university or department/unit.