Posted: October 25, 2022
Author: Federal Student Aid
Subject: TFA Information – Soft Token Instructions
Two Factor Authentication (TFA) is the security process through which an authorized user is required to enter two forms of “authentication” to access one of our Federal Student Aid (FSA) systems. TFA is required to access the Common Origination and Disbursement (COD) website, Electronic Cohort Default Rate Appeals (eCDR Appeals), FAA Access to CPS Online, FSA Partner Connect, National Student Loan Data System (NSLDS®) Professional Access, Student Aid Internet Gateway (SAIG) Enrollment, and the EDconnect software.
TFA requires each authorized user to log in with an FSA User ID and password as well as provide a security code generated by a registered token device. There are two types of token devices:
-
A physical “key fob” token that is in the physical possession of the user. It generates a security code when the user presses a button on the front of the token.
-
A “soft token” that is an application (app) on the user’s mobile device. It automatically generates the security code when the app is opened.
In this announcement, we explain why we recommend use of a soft token and provide updated step-by-step instructions for installing and registering a soft token. In addition, we answer commonly asked questions about switching to a soft token.
Soft Tokens – Recommended for All Users with PDPA Approval
Use of a soft token is optional. However, users who have a compatible mobile device and who have received approval from their Primary Destination Point Administrator (PDPA) are highly encouraged to use the soft token app. A soft token provides the same high level of security as the physical token, while offering greater convenience as there is no additional hardware to carry.
If a user receives approval to transition to a soft token, the PDPA must collect and store the unused physical token.
Step-by-Step Instructions
The first attachment to this announcement (titled “How to Switch from a Physical Token to a Soft Token”) provides updated instructions for transitioning to a soft token. The information is for users who are currently using a physical token to log in to FSA systems and who have received approval from their PDPA to switch to the soft token app.
The second attachment to this announcement (titled “How to Install and Register a TFA Token for New Users”) provides detailed information on both the soft token app and the physical token and is aimed at new users of TFA. We recommend that the document is stored by each institution’s PDPA and be provided to staff during the enrollment process.
Note: As a reminder, a user must have an FSA User ID and password prior to registering a token. To obtain an FSA User ID, select the FSA User ID Registration tab on the left side of the SAIG Enrollment website home page, provide identifying information, and follow the remaining registration steps. Once the registration process (which includes password creation) has been completed, including establishing a password, the FSA User ID will be emailed to the user.
Contact Information
If you have questions about TFA or the use of a soft token, contact the TFA Support Center at 1-800-330-5947, option 2 or by email at support@aimstfa.ed.gov.
For questions specific to downloading or installing an application on your mobile device, we recommend you contact the manufacturer or vendor of the device.