Before you start activating 2-factor authentication, please read carefully the instructions under the Overview section. Only after understanding the procedure, you should follow the instructions on this page to activate the procedure.
In order to use 2FA, the first step is to activate the feature once. To do this, you will need a student ID card or a employee ID card. If you do not have either of these at hand, please contact the IT Helpdesk. After successfully entering your data on our registration page, you will receive one-time access data to the 2FA portal by e-mail. As soon as you are successfully logged into the 2FA portal, you can activate various tokens there. In principle, you can create as many tokens as you like and choose between the following two variants: TimebasedOneTimePassword (TOTP) and WebAuthn (hardware security chip). Please refer to the corresponding instructions 2. a), 2. b) or 2.c) on this page for how to activate them and for further information on the variants. In most cases, the TOTP method with Authenticator app is the most flexible and easiest. Alternatively, we recommend the use of a USB security stick. The data centers are happy to support all employees/departments/specialties in obtaining USB security sticks. To do so, simply contact our IT help desk by e-mail. If all these procedures do not work for you, you can also contact our IT helpdesk to find a suitable solution for you.
IMPORTANT: Please ensure that you either already have a TOTP-enabled app installed and handy, or have a USB security stick connected before performing the following steps.
The Timebased-OneTimePassword (TOTP) is a time-based token (a 6-digit number that changes every 30 seconds). To use this method, you need an app or program on your device that can generate such TOTPs. If you do not have a trusted authenticator app installed yet, we recommend using the privacyIDEAAuthenticator app. The app is available for both Android and iOS. Of course, if you are already using another authentication app (for example Microsoft Authenticator), they will work just as well.
With WebAuthn, your USB security stick takes over the token function. When logging in to supported university services, the system checks whether the stick is connected to your terminal device and you must also confirm this by "pressing a button" (touching the round symbol) on the stick. To use the procedure you need a USB security stick that supports the FIDO procedure. To activate this as a token, proceed as follows:
With WebAuthn, a security chip (hardware) takes over the token function. When logging on to supported services, the presence of the chip is checked and, depending on the device, confirmation is required using a biometric function (fingerprint or face scan). In order to be able to use the procedure, the following points must be fulfilled:
To activate this token, proceed as follows:
You can reach the portal for managing your 2FA tokens at 2fa.hochschule-trier.de.
Area - Alle Token
After logging in, you will automatically land on an overview page with all your tokens. You can see at a glance which tokens you have activated. By clicking on the serial number of a token you will get to its detail page. On this page you can delete the token, deactivate it temporarily, change the description or even test the token.
Area - Token ausrollen
In this area you can activate new tokens. Basically you are free to create as many tokens as you want. However, we recommend to activate at least two. This way, logging in is still possible even if you lose a token. For example, you can use a USB token and an Authenticator app on your smartphone. If you lose the USB token, you can still log in using TOTP from the app and deactivate the lost USB token in the portal.
You are leaving the official website of Trier University of Applied Sciences