Hard tokens

Frequently asked questions about hard tokens, explaining what hard tokens are and how and when to use hard token during 2-step authentication enrollment.

The following questions and answer are designed to help you better understand hard tokens—what they are, when they are used as a method for 2-step authentication, and who can help you with the installation and setup.

What is a hard token?

A hard token, also known as a security token or authentication token, randomly generates and displays a one-time code. This code authenticates your Availity user account and permits log in to Availity Essentials.

Depending on the type of hardware device that you purchase, the code can either display on the computer or on the panel of the token device.

Who would use a hard token for 2-step authentication?

If you do not have access to a direct-line office phone, cell phone, or tablet at your organization, you can use a hard token as a method to enroll in 2-step authentication. Your organization might require that each employee authenticate using hard token devices instead of using a cell phone or tablet device.

Who will set up and install the hard token?

If you need assistance in installing the hard token, ask your IT administrator, someone at your company's help desk department, or a representative from your third-party IT vendor. Once the hard token is installed on your computer, then refer to the How to Set Up Hard Tokens page. To finish setting up the hard token device, refer to the manufacturer's instructions on how to scan the QR code or enter the secret key.

Important:
The hard token you use for Availity 2-step authentication must be based on the open authorization protocol also referred to as the OAuth framework. Please note that Availity Client Services cannot assist you with the installation, setup, or troubleshooting of hard token devices. Availity also does not cover the cost of purchasing a hard token device.
Can I have both google authenticator and a hard token device as 2-step authenticationmethods?

No, you cannot install both Google Authenticator and a hard token device. You can have only one of these methods set up with Availity—either the Google Authenticator app or a hard token device—but not both.

What happens if I already have google authenticator or a hard token device already set up?
If you have Google Authenticator or a hard token device set up and you try to add another open authorization device, a warning message displays that detects you already have one of these time-based devices:
Image of warning message that displays when you already have a security device set up.

For more information on how to replace a current instance of the time-based device, see Replacing a current open authorization method.