IT Center Help

You are located in service: Multifactor-Authentication (MFA)

Authenticator App e.g. for Smartphone, Laptop or Desktop (TOTP)

guide

This page describes how to set up an authenticator app for Multifactor-Authentication (MFA).

An authenticator app is an app that shows a new one-time code every 30 seconds.

Follow these 2 steps to set up your app:

In this guide, we use the 2FAS-App, but you can use a different authenticator app.

1. Download Authenticator App

Step 1
Open the app store on your device.

Android: Google Play
Apple: App Store
Windows: Microsoft Store

Step 2
Download an authenticator app,such as:

For smartphones: 2FAS, Aegis, Apple Keychain (iOS only),...
For desktops or laptops: 2fast (Windows), Otpkey Authenticator (macOS), TOTP extension of the KeePassXC Password Manager (all operating systems).
If you want to use another app, make sure it meets the following criteria:
- 6- or 8-digit security code
- Hash algorithms SHA256 or SHA512

2. Set up Authenticator App

Step 1
Open the Token Manager.

Step 2
Log in via RWTH Single Sign-On (username format "ab123456").

Step 3
Click Create.

Screenshot of the Token Manager. The "Create" button is located below a table with a list of tokens you have already created.

Step 4
Under "Type of Token", select Authenticator app e.g. for smartphone (TOTP).

Step 5
Click Next.

Screenshot of the "Type of Token" table. "Authenticator App" is the third item in the table. The "Next" button is located at the bottom of the table.

Step 6
Under "Description", enter a name for your app (e.g. Authenticator App).

Optional
Select Advanced Options to choose the security code length and hash algorithm.

Step 7
Click Create.

Screenshot of the "Authenticator App e.g. for Smartphone (TOTP)" page. Below "Description" there is a text field. Below that, you can check the "Advanced options" box to specify optional settings. The "Create" button comes next.

A QR code appears.

Screenshot of the Authenticator App page. Below a short text is the QR code. Below that is the "Token secret" link. Selecting the link displays a code that can be entered into the app as an alternative to the QR code.

Step 8
Open your authenticator app.

Please note
We have taken screenshots of the 2FAS app for this guide. If you are using a different app, the process may be slightly different.

Step 9
Tap the plus symbol.

Screenshot of the 2FAS authenticator app. The plus icon is the second button after "Import from external app".

Step 10
Scan the QR code using the app.

Alternatively, you can click Token secret below the QR code. A code will be displayed. Copy this code in the app under "Enter secret key".

Screenshot of the 2FAS authenticator app. The camera is open. Under "Other method" you will find the "Enter secret key" option.

A code now appears in the app.

Screenshot of the Authenticator application. Under "RWTH Aachen University" you will find a code. Underneath you will find the option "Copy Token".

Step 11
Enter this code in the Token Manager under "Security code".

Step 12
Click Finish.

Screenshot of the Token Manager. "Security Code" is located under the QR Code in the "Verify Token" section.

You have successfully set up your Authenticator app.

3. Login with Authenticator app

When you are asked to enter a one-time security code, open the Authenticator app.

Copy the code displayed under “RWTH Aachen University” and paste it into the input field.

The codes are each valid for 30 seconds. If a code expires before you have entered it, simply use the next one.

Additional Information

Help: How do I login with MFA?
Help: my token does not work.
Help: I lost my token.
Please contact the developer directly if you have any problems with the application.

last changed on 05/26/2025

How did this content help you?

This work is licensed under a Creative Commons Attribution - Share Alike 3.0 Germany License