UTORMFA to replace eTokens for high security applications

Information Security is pleased to announce that eToken authentication for high security applications that use AdminVPN, including AMS, ROSI, ROSI Files, Rocket Shuttle, StarRez and Unit VPNs, will migrate to UTORMFA on November 27.

All other eToken applications (i.e. those that don’t require AdminVPN) are already UTORMFA enabled. To login with UTORMFA simply click “Send me a push” on the weblogin page.

UTORMFA has already been adopted by over 11,500 members of the U of T community. UTORMFA, powered by DUO, is a software based multi-factor authentication method that authenticates user logins via prompts sent to a user’s phone. This authentication method is easy to use, quick to set up and secure. If you haven’t already done so, sign up for UTORMFA today.

Users will find it quick and convenient to use UTORMFA, especially with an increasingly hybrid work environment.

Key project details:

Cisco AnyConnect Configuration Update – November 8

In preparation for the migration on November 27, local IT administrators will deploy an updated Cisco AnyConnect AdminVPN profile to users’ computers before November 8. After the deployment, users will see the current AdminVPN (port.eis.utoronto.ca) and the new AdminVPN (admin.vpn.utoronto.ca). This new admin.vpn.utoronto.ca will be fully activated on November 27 – please continue to use port.eis.utoronto.ca until this date. 

Migration Details

After November 27, eTokens will no longer be issued to new users. These users will need to be on-boarded with UTORMFA instead. Though some applications may continue to accept eToken, we highly recommend that users switch to UTORMFA as soon their application is supported. In February 2022 eTokens will be retired. After retirement, eTokens must be returned to your local eToken administrator/departmental administrator.

Digital Signing

Anyone using eToken Digital Signing will have to move to an alternative electronic signature solution before February 2022. No new eTokens will be issued after November 27, 2021, and new staff members will need to use an alternate solution for electronic signatures.

Project Dates


Aug. 29 and Sept. 12 AdminVPN migration testing successfully completed for Cisco AnyConnect.
Nov. 3  All eToken users need to be signed up for UTORMFA.
Nov. 8 All AdminVPN users have Cisco AnyConnect AdminVPN profile updated.
Nov. 27 admin.vpn.utoronto.ca is activated for all AdminVPN users and applications (including AMS, ROSI, ROSI Files, Rocket Shuttle, StarRez and Unit VPNs).
Nov. 27  eTokens will no longer be issued and all users should be using UTORMFA to access the new AdminVPN.
 Dec. 8 port.eis.utoronto.ca VPN will be deactivated and IT administrators will start removing the profile from the Cisco AnyConnect drop-down menu.
Feb. 2022  eToken retirement.

Learn more at an upcoming Connect+Learn session or view a recording of a past session. You can also visit Information Security’s website for more information about the eToken migration project.

Learn about UTORMFA and make sure to sign up before November 3!