Guide

Two-Factor Authentication (TOTP)

Two-factor authentication (TOTP) provides an additional layer of security during login. Once activated, a time-based one-time token is required in addition to your username and password. By default, so-called software tokens are recommended for generating OTPs, which can be created using a smartphone and an authenticator app. Additionally, tokens can be generated using the KeePassXC software on a PC or Mac. Instructions for setting up TOTP with KeePassXC are available at https://www.urz.uni-heidelberg.de/en/support/how-tos/set-up-keepassxc-as-a-token.

Step 1: Login

Step 2: Open the TOTP management page

After logging in, navigate to Identity → Two-Factor Authentication (TOTP). The table will not yet show any entries.

Click the + Activate TOTP button in the upper right corner. A new dialog will open.

Step 3: Scan QR code and enter token

Scan the displayed QR code with your TOTP app. Alternatively, you can enter the displayed key manually in the app.

Please note:
Keep this key secret and never share it with anyone!

Then enter the 6-digit token generated by your app into the Token field and click Activate key.

Note:
If you experience problems during verification, please make sure that the time on the device used to generate the tokens is correctly synchronized, and wait 30 seconds before your next attempt.

Step 4: Verify activation

After successful activation, an entry will appear in the table showing the activation date and the partially redacted key.

From now on, in addition to your username and password, you will need to enter the current TOTP token from your app when logging in.

Once TOTP has been activated, the key can be used on additional devices. To do so, click + Show QR code. The key remains unchanged until the entry is deleted and recreated.

Lost your key / unable to log in?
If you have lost your key and can no longer log in, please contact us by email at heicloud@uni-heidelberg.de.