One-time password generator (TOTP service) via smartphone app

Contact

IT Service Desk

+49 441 798-5555 Please contact the IT Service Desk preferably by email, as there is only one phone line available. The IT Dienste will call you back if you leave your telephone number.

Mon-Thu 9:00-15:30 Fri 9:00-12:00

IT Service Desk

Service portal

IT Consultancy

IT-Dienste executives

One-time password generator (TOTP service) via smartphone app

A TOTP (time-based one-time password) is a 6-digit number. Such a one-time password can only be used once. To set up the TOTP procedure, you need the university's 2FA portal and a mobile device (e.g. smartphone or tablet) with which you can scan a QR code.

Prerequisite: Install the TOTP app

2FAS-Logo: ein rotes Schutzschild, darauf drei weiße Balken

Install the TOTP service as an app on your mobile device. Select an app that matches the device's operating system. In principle, you can use any authentication app. We recommend using the following free app :

2FAS (works for Android and iOS) (works for Android (Link) and iOS (Link)) Please select “2FAS Auth”.

Alternatively: Aegis (Android)

If you already use another TOTP service, you can also use it for two-factor authentication at the University of Oldenburg.

Please remember to secure access to your TOTP app (e.g. by locking your phone screen) if you are not using it.

Step-by-step instructions: Register the TOTP app in the 2FA portal

Always check the function of a new factor before logging out of the 2FA portal.

Visit the 2FA portal of the University of Oldenburg and complete the registration by doing the following steps:

Step 1: log in to the 2 FA portal
Step 1: Log in to the 2FA portal of the University of Oldenburg
Overview of authentication methods
After logging in to the 2FA portal, the overview of your authentication methods opens.
Step 2: Select authentication method for registration
Step 2: Select the + option to add a new authenticator.
Select "Einmalpasswort (TOTP)"
Step 3: QR code
Step 3: An input screen for creating a QR code opens. The fields shown here are mainly for your own identification of the one-time password in the app of the mobile device. Explanations for the image: 1: Shows the displayed name of the TOTP method 2: Leave as default for the first registration, 2ND_Token for a second TOTP code. 3/4: These fields can be filled in as required. 5: Generation of the QR code
Step 4: Open the 2FA app. During the setup process, you will be asked to scan the QR code that has just been generated. After the setup on the mobile device, be sure to click on the "Save" button to finalise the setup.

⚠️ After clicking the “Generate QR code” button (see image arrow 5), do not edit the contents of the text fields above, as any changes will alter the content of the QR code and a previously scanned QR code would generate an incorrect one-time code!

However, after changing the text fields, you can press the “Generate QR code” button again at any time and then scan it directly to generate a valid one-time code.

Important: Scan the QR code with the 2FA app, not with the regular camera app!

Step 5: Pair new service
Step 5: Select "+ Pair new service" in the app You may be prompted to synchronize with Google Drive or similar. Please do NOT do this!
Step 6: Camera authorization
Step 6: If you are asked for authorisation to use the app, select "+ Pair new service" in the smartphone camera. (You may be prompted to synchronise with Google Drive or similar. Please do NOT do this!)
Step 7: Scan QR code
Step 7: Allow the use of the smartphone camera when authorisation is request.
Step 8: TOTP
Step 8: Scan the QR code from the PC screen with the smartphone camera
Step 9: Enter the TOTP code in the 2FAS portal
Step 9: After scanning the QR code, an initial time-based TOTP (one-time password, 6-digit numeric code) is displayed. The setup is now complete.
Step 10: Now save the configured method using the "Save" button.
In the 2FA portal, you can now see in the overview of your authentication methods that the "One-time password (TOTP)" method is registered.

Please be sure to test the 2FA login now!

Step 10: 2FAS app is registered in the 2FA portal
Step 10: In the 2FA portal, you can now see in the overview of your authentication methods that the "One-time password (TOTP)" method is registered. You can recognize this by the green frame and the tick in the top right-hand corner.

Test one-time password functionality (TOTP) after setup

Important: First register the installed TOTP app once in the 2FA portal so that testing can begin.

Step 1: Log in to the 2FA portal of the university and click on one-time password (TOTP) in the overview of your authentication methods (or other methods if you want to test them):

Step 2: Click the "Test method" button next to the defined name of the method:

Step 3: Enter the one-time password (TOTP) from your TOTP app in the mobile device, which is currently displayed there, and then click on the "Test" button.

Step 4: If the method is set up correctly, the system returns the message "Test successful" with a green tick. 
The test is now successfully completed.

Application: Use Flex OTP as a second factor for authentication

If you now want to log in to a service (such as VPN or webmail) with your device, a one-time password (so-called Flex OTP) is requested in the login screen. To do this, open the TOTP app and use a TOTP generated there. TOTPs are generated automatically; the app creates a new TOTP every 30 seconds. This ensures that it is temporary and can only be used once.

FAQs

What happens if I lose my smartphone?

If you lose your TOTP generator, e.g. by deleting the app or changing your device, please contact the IT service desk. We will then check the best way for you to register a new TOTP generator. In order to minimise the effort for everyone involved, you should register a second TOTP generator on a different device as a precaution .

Can I use my private mobile device to generate a TOTP?

Yes, if possible, please use a mobile device to generate one-time passwords. The TOTP generator does not access any data flow on the mobile device or your telephone number.

The app synchronises itself by registering it via a time stamp. Your mobile device contains a clock and can assign such a timestamp. This is the only synchronisation that takes place. The devices do not otherwise come into contact with each other. The app also does not require a telephone number for this process. There are therefore no risks involved in using your private device at this point.

Instead of a smartphone, you can also use another mobile device to generate TOTPs, e.g. a tablet.

Service Desk (Changed: 14 Aug 2025)  Kurz-URL:Shortlink: https://uole.de/p108619en
Zum Seitananfang scrollen Scroll to the top of the page