One-time password via KeePassXC

Contact

IT Service Desk

+49 441 798-5555 Please contact the IT Service Desk preferably by email, as there is only one phone line available. The IT Dienste will call you back if you leave your telephone number.

Mon-Thu 9:00-15:30 Fri 9:00-12:00

IT Service Desk

Service portal

IT Consultancy

IT-Dienste executives

One-time password via KeePassXC

A TOTP (time-based one-time password) serves as an additional security factor to your university password and increases protection against phishing and hacking attacks. Each TOTP is only valid for a single use, and therefore cannot be used a second time.

If you like to log in with your PC for an application that requires a TOTP (e.g. webmail), you can generate such a TOTP via KeePassXC.

Always check the function of a new factor before logging out of the 2FA portal.

If you have a smartphone or tablet, please use the TOTP generation via app, as this is even safer in comparison!(1) The use of KeePassXC described here is merely a substitute solution if you do not have a mobile device, and for additional protection in the event of device loss.

Attention, TOTP creation with KeePassXC is prohibited for official use by official instructions.

Please note that TOTP creation with KeePassXC is prohibited for official use by official instructions. As higher security requirements are set for the university service, a media break(1) is always required when using two-factor authentication.

For business use, it should therefore always be ensured that the two factors originate from different sources.

(1) When using KeePassXC, NO other device is required for further identification - so there is no so-called media break. For this reason, its use is less secure in comparison.
A media break always occurs when the medium is changed during the processing of information within the transmission chain. This means that there is a break in the transmission and the recorded data cannot be continuously processed for further processes.

Step 1: Using KeePassXC and setting up a new database

KeePassXC instructions: Setting up a new database

Step 2: Register KeePassXC in the 2FA portal

Register the KeePassXC in the 2FA portal of the University of Oldenburg

Step 1: Log in to the 2 FA portal
Step 1: Log in to the 2FA portal of the University of Oldenburg
Step 2: Select authentication method for registration
Step 2: After logging in to the 2FA portal, the overview of your authentication methods opens. Select the + option to add a new authenticator.
Step 3: Select method
Step 3: Now select the "One-time password (TOTP)" option
Step 4: Enter identification name
Step 4: An input mask opens for creating the connection with an OTP code generator. The fields entered here are mainly for your own identification. Assign names that are related to the code generator used. (1tes. Display name field - Recommended display name [KeePassXC], 2tes. Service name field - Recommended name [KeePassXC], 3rd field - Account name - Recommended. Account name field - Recommended - Use own account name [abcd1234] scheme)
Step 5: Select TOTP method
Step 5: Select the "Manual TOTP" tab here to select the TOTP method.
Step 6: Switch secret visible
Step 6: Make the secret visible by clicking on the lock next to the first field.
Step 7: Copying the common key
Step 7: Double-click on the now visible secret key to select it completely and then copy it to the clipboard using Ctrl+C. (These two steps can also be carried out instead by right-clicking and making the appropriate selection from the context menu).
Step 8: Inserting the key into KeePassXC
Step 8: Switch to the KeePassXC application. Here you add the 2FA TOTP connection to an entry that has already been set up. This is done by clicking on the entry with the right mouse button. In the context menu that appears, please select "TOTP" and then "Set up TOTP ...".
Step 9: Insert secret key
Step 9: Paste the secret key into the first field "Secret key" with Ctrl+V and confirm with the "OK" button. A clock symbol will now appear in front of your entry, confirming that KeePassXC has been set up correctly as a token. Now KeePassXC can generate TOTPs for it.
Step 10: Test the function of KeePassXC TOTP
Step 10: To test the function of KeePassXC TOTP generation. Switch to the 2FA page in the browser again and select the TOTP method you have just created.
Step 11: Start method test
Step 11: To start the method test, click on the "Test method" button
Step 12: Generate TOTP with KeePassXC
Step 12: To generate a TOTP with KeePassXC, switch to the KeePassXC application. Here you can display your current TOTP at any time by right-clicking on the entry and selecting "TOTP" and then "Show TOTP".
Step 13: Copy TOTP
Step 13: The number now displayed is the one-time password TOTP, which is valid for 30 seconds and serves as the second factor for logging in. Copy it by pressing the "Copy" button. The scrolling bar shows you how long the TOTP is still valid.
Step 14: Finalise methods test
Step 14: To complete the method test, switch back to the browser on the 2FA page and insert the TOTP in the field next to the lock using Ctrl+V. Finally, click on Test. The result will be displayed. If the test is successful, you have completed the setup.
Service Desk (Changed: 15 Jul 2025)  Kurz-URL:Shortlink: https://uole.de/p108673en
Zum Seitananfang scrollen Scroll to the top of the page