Authenticator app

An authenticator app (authentication application) is a software application that can be used on mobile devices such as smartphones.
The application ensures that you can authenticate yourself to services that require MFA.

Hardware token

A hardware token (also known as a hardware key or hardware security key) is a small, portable device (often in the format of a USB stick) that is used for the secure authentication of users.
Hardware tokens usually generate one-time security codes (OTP - One-Time Passwords) that are only valid for a short period of time.
Such a key can be used as a second factor for multi-factor authentication (MFA) for protected RWTH services.

MFA

Multifactor authentication (MFA) describes a security procedure that requires multiple proofs of a user's identity before access to a system or application is granted.

• Knowledge: Something the user knows, such as a password or PIN.
• Possession: Something the user owns, such as a smartphone with an authenticator app or a hardware token.
• Biometrics: Something the user is, such as fingerprints or facial recognition.

The aim of MFA is to increase security and prevent unauthorized access.

Security code

One-time security codes (also known as security passwords or codes) are sequences of numbers and/or letters that are requested during authentication by a second factor. These are "unique", as they lose their validity, e.g. due to a fixed sequence or a short lifespan.

Security key

A security key is a specific hardware token.
It is often a stand-alone object, frequently in the form of a USB stick or a card, which is explicitly intended to serve as a token.
Different keys support different token types (WebAuthn/FIDO2, HOTP, TOTP, etc.) and also different methods of issuing the codes (via NFC, only after confirmation of the fingerprint, etc.).
A key can be registered and used as several tokens (e.g. for several services and/or as a WebAuthn and HOTP token at the same time).

TAN list

The TAN list is a type of token that is used for the secure authentication of users. It is a list in paper form or as a digital (PDF) document that contains several security codes.

Token

A token, or more precisely a "security token", is an object or device that generates a one-time security code.
You use the token in combination with a password to log in. The password is your first authentication factor. The token is your second authentication factor.
This is known as multifactor authentication.

Token secret

For some token types, the service and the token must be matched so that authentication can work.
This is done by exchanging a "token secret", e.g. via a QR code, a character string or direct communication between the server and the end device. This is effectively a complicated password.
This is then used by the token device to generate the correct codes and by the server to verify the codes.