A TOTP generator app generates a new one-time password every 30 seconds and can be used via a mobile device.

To do this, you need to install and set up a TOTP generator app: 

Setting up the TOTP generator app

A hardware security key is similar to a USB stick. Both official and private hardware security keys can be used. University employees receive such a device on request.

The device must be set up once for use in the university network:

Setting up your hardware security key

Even if you use a YubiKey, we still recommend installing the smartphone app, too. You can then use both methods alternatively and retain access to your data even if one of them is lost or damaged.

Important: The recommended method for generating a one-time password (TOTP) is to use a suitable additional hardware device (smartphone or tablet or the YubiKey USB dongle). Students who do not have one of these devices can use password generation via KeePassXC instead.

This method expressly does not apply to official use by employees! 
Only option 1 (smartphone/tablet) or option 2 (Yubikey) mentioned above are permitted for official use.

Two-factor authentication (2FA) describes authentication with more than one factor, i.e. logging into IT systems with a password and an additional protection mechanism. This prevents unauthorised third parties from gaining access to data or functions simply because they have obtained your password. It is important that the factors come from different categories, i.e. a combination of knowledge (in this case the password) and possession (in this case the TOTP generator on a smartphone or the YubiKey).

If you have lost or forgotten your hardware key (YubiKey) or your device with the TOTP app, you can only log into the university network if you have set up an additional second factor. In addition to the YubiKey, for example, the smartphone app or, in addition to the smartphone app on your mobile device, another app on a second device or a password manager that can create TOTPs on a PC. You can use this to log in to the 2fa.uol.de portal and, among other things, remove the lost 2nd factor. If you have received a new second factor, you can set it up again via the portal.

If you have not set up an additional second factor, please contact the IT Service Desk on 0441-798-5555 or the IT consultancy in the Haarentor library. There you will receive an emergency password with which you can log in to the portal 2fa.uol.de to set up an additional second factor.

Note for employees:
If you lose your work YubiKey, please report this to Division 1.

Functional accounts are initially excluded from the regulations on mandatory 2FA use, which will apply to the other personal accounts at the above-mentioned time. Registration of a 2nd factor for functional accounts is therefore technically prevented for this reason

The reason for this is that functional accounts are used in a wide variety of ways and an established 2nd factor can cause problems in the normal use of the functional account.

All employees or holders of a functional account will be informed separately as soon as the functional accounts are also required to use a 2nd factor. The 2nd factor will only become mandatory for functional accounts as soon as a solution has been established that covers the respective usage options.

Note: Only active employees have the option of creating a functional account. This information is therefore not relevant for students.