You are here:
Two-factor authentication (Secure Login)
One time setup on your smartphone
In order to better secure access to the sometimes confidential data of some IT services against unauthorized access, a one-time PIN is required for logging in in addition to the familiar UW/H user name and password. This PIN changes continuously and is supplied to you by an app on your smartphone when you log in.
If you have received a hardware token from us for this purpose, then you can ignore these instructions - you can then use your token to log in to all services with two-factor authentication for which we have unlocked you. Otherwise, you will now need to set up the app that allows you to log in once on your smartphone: IMPORTANT: Please contact us if you have already successfully set up the secure login and now want to change your phone, as we will then first need to delete your previously used authenticator before you can then set it up again on your new device following these instructions.
- Install the free "Google Authenticator" on your smartphone from the Play Store or App Store. (If you are using a Windows Phone, please install the "Microsoft Authenticator" instead).
- Using a PC or Mac (not your smartphone), log in here with your UWH username/password.
- Click on the TOTP icon at the bottom of "Add authenticator" (first time setup) or at the top of "Enrolled Authenticators" (e.g. if you have a new/additional smartphone) - you will now see a square QR code on the screen.
- On your SmartPhone, launch the Google Authenticator app and select "Scan Barcode". (On a Windows Phone, launch the Microsoft Authenticator App and select "Add account -> Other account..). You will now see the image from the phone camera. Position the SmartPhone so that the QR code is visible on the screen within the frame. Once the QR code is recognized, the app will display a six-digit code and the text "Netiq".
- Only necessary per phone when setting up for the first time: On your PC or Mac, click "Save" below the QR code you just scanned. The TOTP icon will now appear with the "Enrolled Authenticators". Thesetup of the authenticator is now complete.IMPORTANT: Please contact us if you want to change your phone, as we will need to delete your previous authenticator before you can set it up again on your new device following these instructions.
- Log out again by clicking on your name in the upper right corner and then on "Log out".
Login with PIN does not work?
- Please log in tohttps://advancedauth.uni-wh.de. If this also fails, then your account has been locked, or - more likely - you have forgotten your password. You can reset it yourself here: https://pw.selfservice.uni-wh.de If that also fails, then please contact us at: BIT-Support(at)uni-wh.de.
- You were able to log in tohttps://advancedauth.uni-wh.de. Is the TOTP icon displayed at the top of "Enrolled Authenticators"? If not, you probably forgot to click "Save" after scanning the QR code (see point 5 above). In this case, please delete the Authenticator on your cell phone so that no PIN is displayed there anymore. Then follow the instructions above from point 3.
- The TOTP icon is displayed at the top of "Enrolled Authenticators", click on this icon and then on "Test". Enter the PIN provided by the Authenticator app on your phone.If you get the result "Incorrect OTP Password" (red), then delete the authenticator in the Authenticator app on your phone and contact us at: BIT-Support(at)uni-wh.de We will then delete the authenticator on the server as well, so you can set it up again according to the instructions above.
- The test of the registered authenticator returns "Authenticator TOTP passed the test" (green), but the login with username/password and one-time PIN still does not work. Please report to us:BIT-Support(at)uni-wh.de