The Short Answer:
You don't have to worry about that message unless you get it after you've been
logged in for a long time and you suddenly find yourself not being able to
write to or read from a directory that you could get to before. If this
and enter your password when prompted.
The Long Answer: (if you are interested in what exactly is going on...)
The Andrew File System (AFS) is used to store nearly all file systems
on Athena. Access permissions are controlled under AFS by means of a
security manager which keeps track of what AFS cells you have "tokens"
for (when you attach a filesystem in a specified cell, the attach
program automatically generates tokens for you for that cell).
However, these tokens expire ten hours after you have logged in,
because they only last as long as your kerberos tickets (which also
expire in ten hours).
Therefore, if you are logged in for ten hours, your tokens expire and you
have to get new kerberos tickets (using kinit) and then new tokens for the
cell in question (using aklog, which is what attach uses to authenticate
you). You can also just use the "renew" command will will perform all
the right commands (including kinit and aklog).
If you get that message just when logging in, it means that you have used that
same workstation before, over ten hours ago, so there are old tokens for you
in the security manager, and AFS is informing you that they've already expired
(actually, they expired quite a while before you logged in, probably, but you
haven't been informed yet).
Note the mention of "workstation" above – tokens are on a per workstation
basis, so you'll get tokens expired message when on the same workstation from
which they were originally obtained.
If you're curious, you can type "tokens" to see what tokens you currently