to Homepage
You are located in service Multifactor-Authentication (MFA)
General information
IT Center Help

You are located in service: Multifactor-Authentication (MFA)

Authenticator App e.g. for Smartphone, Laptop or Desktop (TOTP)
Print page

Authenticator App e.g. for Smartphone, Laptop or Desktop (TOTP)

On this page you will learn how to set up a TOTP app to use it with VPN and RWTH Single Sign-On.

A TOTP token (time-based one-time password) is associated with a TOTP app of your choice (i.e. 2FAS Aegis or Keychain on Apple devices). You can download such apps via the App Store or Google Play (or alternatives).

Another Option is to use a TOTP app for desktop (e.g. 2FAS for Windows or the TOTP extension of the KeePassXC password manager).

TOTP apps are a very secure form of second factor after hardware tokens, as they often represent a separate device and are already familiar to many users from everyday life. They can be used quickly and without additional cost.

Note: Please check in advance which character length and hash algorithms are supported by your app. All TOTP apps support the SHA1 algorithm. More secure methods like SHA256 or SHA512 are not necessarily supported by all apps.

This token type can be used for authentication of the following services:

  • RWTH Single Sign-On
  • VPN

Instruction for set up

To configure this type of token, please choose "Authenticator app e.g. for smartphone (TOTP)" in the Token Manager in IdM Selfservice.

Step 1 (optional): Add a description (e.g. the name of your app) and select a security code length and hash algorithm under "Advanced Options".

Step 2: Click "Create".

Step 3: Add a new service or a new account in your Authenticator App and scan the QR-Code with you device or enter the TOTP Key into the app.

Step 4: Next, enter a one-time-password (OTP) shown in the app in to the field "Verify TOTP" an click "Finish" to complete the procedure. 

The steps in the app are the following (the cost free 2FAS App is used as an example) of a TOTP App:

  1. Open the app and click on "pair new device".
  2. Scan the QR-code from the Token Manager with the app.
  3. Enter the one-time-password (OTP) from the app into the field in your browser and click "Finish".

You can now use the app as a "Authenticator App e.g. for Smartphone (TOTP)". A new one-time-password (OTP) is generated every 30 seconds.

Important: Ensure that no unauthorized third parties are able to access the app.

Please contact the manufacturer directly for further support.

last changed on 04/05/2024

How did this content help you?

Creative Commons Lizenzvertrag
This work is licensed under a Creative Commons Attribution - Share Alike 3.0 Germany License
Chat