The window for using a number is actually a bit longer than the 32 seconds the authenticator affords you. Your authenticator might have moved on to the next number, but the server will let you use it to log in for a few more seconds. This allows for uncontrollable variables such as a slight mismatch between the clock in your authenticator and the clock in the server. If you experience an inability to login multiple times, contact the IT Service Center.
Both the authenticator and the sever have a clock that is closely synchronized, so the server 'knows' what number the authenticator is showing at any given time. The correct one-time password in combination with the user login and PIN allow access to the secured information.
The button on the authenticator only activates the display, which is otherwise left blank to conserve the battery. The display is active for only 15 seconds. The authenticator produces new numbers every 32 seconds whether the display button is pressed or not, so you may see the same number multiple times or you may see a number change quicker than 30 seconds.
If you are done with your work associated with OTP, but will remain CU, you might keep it in case you need to use the OTP system in the future. If you are leaving CU you may return the authenticator to the IT Security Office through campus mail (UCB 455) and your account will be deactivated.
You should report the loss of an authenticator in a timely manner so it can be disabled.The IT Service Center can help you get a replacement authenticator. You may be required to pay for a replacement.
Your authenticator may have failed, the battery may have died, or the clock might have drifted in which case it will need to be replaced. Contact the IT Service Center for help. The service center will make sure you are using the authenticator assigned to you and lead you through a test login to verify that the device requires replacement.
The OTP system is a great deal more secure than a traditional username and password. Since each login event is unique, if someone captures your login information they still cannot log into your account with it. A stolen number from the authenticator is not going to work a second time. It is still important that you do not share your authenticator or write down the PIN.