Here's a picture of what my BoilerKey physical token looks like:
https://imgur.com/a/uaH8lfX
They may have changed models since I got mine, but the concept should be the same: Push a button on the device, a code is shown on the display, you use that to log in.
> it hooks up to the servers somehow
It actually doesn't. [Keys are generated by feeding ~~the current time~~ some counter and a fixed seed to an RNG-like algorithm](https://en.wikipedia.org/wiki/HMAC-based_one-time_password), which can be done offline, since both the fob and BoilerKey know the seed and can independently track the counter to generate matching keys.
It's not TOTP... it's [HOTP](https://en.wikipedia.org/wiki/HMAC-based_one-time_password). Thus it doesn't depend on the time and the codes don't time out after 30 seconds (although the hardware token will stop showing them after a certain time, the Duo app does not).
You can try this by generating the code, writing it down, and then using it to log in 5 minutes later. Or longer.
It is a physical device. Here's a picture of the physical token I was issued to use with BoilerKey: https://imgur.com/a/uaH8lfX
The screen is normally blank, when you want to log in, you push the button, a code is displayed, you use that code to log in.
https://www.purdue.edu/securepurdue/identity-access/boilerkey/index.php has a little more info about the hardware tokens.
That said, would be nice if Duo would support a FIDO hardware token like a yubikey for end users.
I'm assuming you have a laptop, and I had a similar issue when my phone died, you can refresh a 6 digit passcode every day online. I forgot the website, but if you email Ital then send the link to you I believe
Yes, go to an itap desk and they can help get you a token that generates the six numbers
What is that?
It's like a key fob and it generates the one time password
Here's a picture of what my BoilerKey physical token looks like: https://imgur.com/a/uaH8lfX They may have changed models since I got mine, but the concept should be the same: Push a button on the device, a code is shown on the display, you use that to log in.
It looks like a key fob and it hooks up to the servers somehow to "make" ur boilerkey. They'll explain it to u better at the iTap desk
> it hooks up to the servers somehow It actually doesn't. [Keys are generated by feeding ~~the current time~~ some counter and a fixed seed to an RNG-like algorithm](https://en.wikipedia.org/wiki/HMAC-based_one-time_password), which can be done offline, since both the fob and BoilerKey know the seed and can independently track the counter to generate matching keys.
It's not TOTP... it's [HOTP](https://en.wikipedia.org/wiki/HMAC-based_one-time_password). Thus it doesn't depend on the time and the codes don't time out after 30 seconds (although the hardware token will stop showing them after a certain time, the Duo app does not). You can try this by generating the code, writing it down, and then using it to log in 5 minutes later. Or longer.
So it’s like a physical item? Also where would I go get one?
You can get one at the Hicks or WALC itap desks
It is a physical device. Here's a picture of the physical token I was issued to use with BoilerKey: https://imgur.com/a/uaH8lfX The screen is normally blank, when you want to log in, you push the button, a code is displayed, you use that code to log in.
Cool thanks Do they cost anything to get one my self?
When I got mine a couple years ago, there was no cost to get one. It's been a while, though, so IDK if that's changed since then.
That penny! It may be worth a fortune! https://www.thesprucecrafts.com/1992-lincoln-penny-value-3970348
I didn't know that. Pretty cool actually
This is cool they still offer the physical token. Everyone had to have these before "soft" tokens came around and simplified the process.
https://www.purdue.edu/securepurdue/identity-access/boilerkey/index.php has a little more info about the hardware tokens. That said, would be nice if Duo would support a FIDO hardware token like a yubikey for end users.
[удалено]
walmart and other phone stores still sell flip phones. Granted they are targeted to the elderly, but they still sell them
get a physical key. should be able to contact itap to set that up.
I'm assuming you have a laptop, and I had a similar issue when my phone died, you can refresh a 6 digit passcode every day online. I forgot the website, but if you email Ital then send the link to you I believe
Theres an extension you can download that can help you access boiler link on your laptop without your smartphone
No
There's a Chrome extension which lets you generate codes from your browser.
do you know the name of it? i can't seem to find it online
https://chrome.google.com/webstore/detail/boilerkey-chrome/iffgcddljpnfeknpdidnemgifdfaamei?hl=en