Frequently asked questions (FAQ)

On this page you will find a collection of frequently asked questions in the context of 2FA. The questions are divided into three categories that reflect the phases in the registration of the second factor.

Before registering the second factor

Mobile devices

Features

  • Database protection with biometric data possible (fingerprint / Face ID)
  • Export & import of the database possible when changing devices
  • Second factor is physically separated from the work computer
  • Integration in widgets
  • Tokens are generated offline
  • Cloud connections possible (not recommended)
  • Open source

Desktop devices

Features

  • Database protection with individual password
  • Simple transfer of the database possible when changing devices
  • 2fast database is located on the same device as the password manager used for databases
  • Login to SSO only possible from this computer
  • Tokens are generated offline
  • Protection against screen recording
  • No cloud connection
  • open source

Disclaimer: If you want to bypass Google and use the free F-Droid store(https://f-droid.org/de/), you must explicitly allow the installation of apps from this source. We recommend this procedure only for experienced users.

Possible options for authenticator apps from the F-Droid store:

To use the app, you can follow the quick guide below:

  • Open the 2FAS app and select "I'll take the risk and not create a backup" the first time you start it.
  • Tap on "Pair new service" in the main menu to add the second factor.
  • Allow access to the camera during the authorization request.
  • Scan the QR code displayed on the TU Dortmund SSO.
  • Use the six-digit code displayed to log in as the second factor.

 

You can find detailed instructions under this link:

To use the app, you can follow the quick guide below:

  • Open the 2FAS app and go to the settings via the gear icon at the bottom right.
  • Open the menu item "2FAS Backup" and deactivate iCloud Sync if desired.
  • Add a new service by staying in the "Backup and synchronization" menu.
  • Then scan the QR code from the TU Dortmund SSO or enter the key manually.

 

You can find detailed instructions under this link:

To use the app, you can follow the quick guide below:

  • Open the Microsoft Store via the Start menu and search for "2FAST".
  • Install or open the app "2FAST - Two Factor Authenticator".
  • Skip the introduction and create a new data file ("Create new data file").
  • Select a local storage location for your database file.
  • Start the registration for two-factor authentication in the browser on the TU Dortmund University portal; a QR code will appear.
  • Click on "+" in 2FAST to add a new account and scan or upload the QR code.
  • Once successfully added, your account will appear with a time-based one-time password (TOTP), which is used as a second factor.

 

You can find detailed instructions under this link:

To use the Passwords app, you can follow the quick guide below:

  • Click on "On a mobile device / Mac?" below the QR code during registration.
  • Allow the Passwords app to open in the browser dialog box.
  • Unlock the app with your macOS password or Touch ID.
  • Add a new entry using the plus sign (+) and save it with your UniAccount data ("TU Dortmund SSO").
  • Enter the generated six-digit code for verification in step 3 of the registration and submit it to complete the setup.

 

Detailed instructions can be found under this link:

To use the Step Two app, you can follow the quick guide below:

  • Download the Step Two app from the Mac App Store and install it.
  • Open Step Two and add a new account using the plus sign (+).
  • Select "Scan two-step QR code".
  • Drag the scanner window over the QR code displayed in the browser so that it is recognized.
  • Then use the code displayed to enter it in step 3 of the registration process.

 

You can find detailed instructions under this link:

During the registration process

The date of birth is derived from the information stored in the HR system (for employees) or the campus management system (for students). If you receive feedback during the registration process that the date of birth you have entered is incorrect, please contact the Human Resources Department (for employees) or the Registrar's Office (for students) to clarify the matter.

The Security Information Center (SIC) at TU Dortmund University provides a data protection-compliant web application for this purpose, which enables the QR code to be converted:

https://it-sicherheitsschulung.tu-dortmund.de/qr-code/

To do this, paste the otpauth link, which you receive on the SSO registration page with the QR code by right-clicking (copy link) on the 'On a mobile device?' button, into the text field and then confirm with the Enter key.

After completed registration

You can have the second factor reset by the ITMC Service Desk. You can find the contact details for the Service Desk here.

Further topics

KeePassXC is an open-source password manager software that runs locally on Windows, macOS and Linux. It stores all data encrypted in a KDBX database and thus offers a transparent, data protection-friendly solution that does not require cloud usage.

A key feature is the support of TOTP tokens. KeePassXC can automatically generate time-based one-time codes from a stored TOTP secret. This allows two-factor authentication to be managed directly in the password database - without an additional authenticator app.