General Purdue BoilerKey Questions
Getting Started With a Purdue BoilerKeyWhat if I don't want to use my Career Account Password in the Passcode?
General Use of Purdue BoilerKey Questions
Duo Mobile Smartphone App Specific Questions
Physical or Hard Token Specific Questions
Tip and Tricks
You can install and use the Duo mobile app on up to 2 mobile devices, for example on a smart phone and a tablet. If you’re using the Duo push option, enter the second device using “push2” as in: 1234,push2
At Purdue, these two forms of verification are something you know (career account and either a password or PIN) and something you have (a BoilerKey token or a application on your mobile phone). These two items are used in place of your password alone to gain access to computer applications and systems.
The BoilerKey comes in two forms, one of which is a small electronic device (known as a hard token) that displays a series of six digits when activated and the other is an application for your smartphone (known as a soft token) that displays the six digit code.
As the number of systems using the BoilerKey for access increases, your value in using the BoilerKey also increases.
For example, if you use your bank card to obtain cash from the ATM, the card is something you have and your ATM PIN is something you know. Combined, these two factors reduce the likelihood that an unauthorized person could obtain access to your account.
To Request Access:
7. How do I setup my new Purdue BoilerKey?
Getting Started - How to set up your key to begin using it the first time.
8. What is a BoilerKey passcode?
A BoilerKey passcode is a 6-digit number that is generated by pressing the button on your BoilerKey token. If you have set up a Duo Mobile BoilerKey with the Duo Mobile app on your smartphone, you can also generate a BoilerKey passcode with the Duo Mobile app:
9. What if I don't want ot use my Career Account Password in the Passcode?
The option to use a four (4) digit personal identification number (PIN) instead of your Purdue Career Account Password as part of the passcode is available. To set a PIN:
- Go to the Purdue BoilerKey Self Serve page.
- Click "Set my BoilerKey PIN" and provide your new PIN and click "Set New PIN".
Your BoilerKey Passcode will now be:
10. What if I can't login using the BoilerKey?
If you are currently using your Purdue career account password as part of your passcode
If you are currently using a PIN as part of your passcode
Try again using your PIN and the six digits displayed on your BoilerKey as the passcode in the password field:
Please note that the comma between the Career Account Password/PIN and the BoilerKey Code is required. If you are again unsuccessful, generate a new BoilerKey code and try again.
If you are still unsuccessful after the second try, visit the BoilerKey Self Serve site. Use the Re-Synchronize section of the page to re-synchronize your token.
11. Can I log in to the OnePurdue portal with my regular password?
No. Once you have been set up to use the BoilerKey, only the passcode will work. If your key is temporarily unavailable and you need access, please contact your Distributed IT Support Group or the ITaP Customer Support Center at: 44000 (on campus) or 765-494-4000 (off campus).
12. How does the current password policy affect me now that I have a BoilerKey?
You are still required to follow the every 180 day (or 90 day if you have additional privileges) password change policy for your Purdue Career Account.
13. What should I do if I lose my BoilerKey token?
If the BoilerKey is lost or if you suspect that it has been stolen or used by a third party, you should immediately report the BoilerKey as lost. Please contact your Distributed IT Support Group or the ITaP Customer Support Center at: 44000 (on campus) or 765-494-4000 (off campus).
14. What should I do if I have a problem with my smartphone that has my Duo Mobile BoilerKey?
If you have a problem with your smartphone containing your Duo Mobile BoilerKey, your Distributed IT Support Group or the ITaP Customer Service Center can issue you a 9-digit Duo Bypass code, which can be used in your BoilerKey password instead of the word push. So your BoilerKey password would look like BoilerKey PIN,123456789. Your smartphone will not be needed to use the Duo Bypass code. A Duo Bypass code can only be used once, and will expire one day from when it is issued.
Duo Mobile BoilerKeys are created and configured with the BoilerKey web application.
The steps involved in creating a Duo Mobile BoilerKey are shown in the following video.
17. What if my device cannot connect to the internet (bad cell phone signal, traveling internationally, etc.)?
18. How can I learn more about the Duo Mobile smartphone app?
Duo Mobile Guide for Android phones
Duo Mobile Guide for iPhone
Duo Mobile Guide for Windows phones
If you are trying to authenticate with your Duo Mobile BoilerKey, and the Duo Mobile app on your smartphone says "Account Not Found - A request was received for an account that is no longer paired to this device. To re-enable it, please contact your administrator.", then the Duo Server and your Duo Mobile smartphone app do not have the same BoilerKeys on file.
To fix this, remove any Duo Mobile BoilerKeys from your smartphone and from the BoilerKey web application, and then set up a new Duo Mobile BoilerKey in the BoilerKey web application.
To remove a Duo Mobile BoilerKey from your smartphone, press and hold where it says "Purdue University", and there should be a menu that pops up with a remove option.
20. What if my device is connected to the internet, but the Duo Mobile app is still not receiving PUSH notifications?
We've found that the best way to get the PUSH functionality working again is to request a new Duo Mobile BoilerKey, set that up, and then remove the old Duo Mobile BoilerKey (from the system and the app). Here's the least painful way to do this.
- Rename your current BoilerKey token in the Duo app. Long press on the name of the token (probably "Purdue University"), choose rename, and rename it to something like "old BoilerKey".
- Request a new Duo Mobile BoilerKey. You can request a new Duo Mobile BoilerKey via the "Set up a new Duo Mobile BoilerKey" function of the BoilerKey page. Remember the name you give the BoilerKey so you can tell which one is the new one and which one is the old one.
- Remove the old BoilerKey from the BoilerKey system. You can remove your old Duo Mobile BoilerKey via the "Manage my Duo Mobile BoilerKeys" function on the BoilerKey page. Be sure to choose the old BoilerKey name and not the one you just setup!
- Remove the old BoilerKey from the app. Long press on the title of the old BoilerKey (which you changed in step 1) and select "Remove".
21. I have an Apple iPhone, and can’t seem to get the Duo “push” message option to work.
Check the “Notification” settings for Duo mobile application settings, and make sure it is turned on. If it’s turned off, you won’t be able to receive the push notifications. Go to Settings->Duo Mobile->Notifications to check the notification settings.
22. I am trying to use the Duo “push” option, but it’s not working. It’s been working previously.
Make sure that you are network connection is working, either Wifi or cellular data. The push message requires a network connection. Optionally, if you’re in an area with poor network reception, click the small key icon in the Duo mobile app to get a 6-digit token code instead. Enter that along with your PIN mumber in for format of: 1234,98765
26. How do I use a BoilerKey token to generate a BoilerKey code?
The BoilerKey is designed to provide a six-digit code in the display panel of the device that may be used, as part of a passcode, to login to a computer application or portal. The BoilerKey generates and displays a seemingly random series of six numbers called the BoilerKey code. When combined with your Purdue Career Account, it is called the passcode and is used instead of the password for SAP Portal login.
To have your Purdue BoilerKey generate a new code, hold your token with the notched end for the key ring to the right and then press the button directly to the right of the display screen. The BoilerKey will display the new code for 25 seconds. If you need a new code, you can press the button and a new code will be displayed.
27. What happens if the number disappears while I am entering it into the application?
If you were able to put in the entire sequence before it disappeared, go ahead and submit it. The system is able to use BoilerKey codes that are within a limited time period.
If you need to generate a new code, press the button next to the display and a new code will be generated.
28. What happens if the display includes letters along with numbers?
There are two possibilities where letters could be displayed:
- Verify that you are holding the BoilerKey correctly. The token should be held so that the button is on the right side of the display. Some numbers appear to be letters if the BoilerKey is upside-down.
- If you are still seeing letters on the display, your token might be in diagnostic mode (If the button is held down for an extended period, the token will enter this mode). You will need to cycle the display back into token mode. To do this, you'll need to press and release the button until the display goes blank (this might take up to 15 times). The BoilerKey is now in token mode once again.
30. Can a BoilerKey be opened or tampered with?
It could, of course, be opened if the would-be hacker has the time and tools to do it. Opening the BoilerKey would most likely disable it, however. It would require an extensive effort to gain any information of value and by then you would have notified us that you no longer have the BoilerKey.
32. I received a hardware token, but I can’t seem to log in with it.
Using the 6-digit token code from your hardware token, combined with your 4-digit PIN number (1234 in the example), make sure you enter it in the following format: 1234,987654
Don't forget the comma!
33. I lost my hardware token. How do I log in?
If you’ve previously provided a mobile number for the BoilerKey Self-Recovery, you can use the Self-Recovery option to request a new hardware token, or set up new token on your smartphone using the Duo Mobile application.
If you have any questions, please send email to email@example.com.