With 2-factor authentication, a user's identity is proven by combining two
different and, if possible, independent components, such as a two-step login:
Step 1: Entering your username and password.
Step 2: Entering a one-time password that comes from software or hardware.
Example:
When banking online, you are either asked to enter a code that is displayed
to you in an app from your bank, or you have to confirm in the app that the
login attempt comes from you.
Why is 2-factor authentication important?
2-factor authentication on IT systems significantly increases the security
of accounts, and with it the security of the systems and the protection of
your data.
You protect your account from phishing attacks.
Since access to your accounts is secured via an additional method, someone
who has obtained your username and (supposedly secret) password will still
not be able to access your account unless that person also has access to your
2nd factor.
However, if you enter your access data (user name, password and 2nd
factor) on a fake site, an attacker can of course use this data to log on to
the "real" system within the validity period of the 2nd factor (MitM attack).
Even with the 2nd factor, it is therefore important to make sure that you
only enter the data on the "real" system!
New accounts must activate the 2nd factor within 7 days, otherwise it will
no longer be possible to log in!
2-factor authentication is implemented at TU Graz using the following options:
with the ID Austria (but this only applies to SSO systems, not to VPN),
with software that runs e.g. on a smartphone, a smartwatch, a tablet, or a desktop/notebook and calculates the corresponding numbers (software token), or
with special hardware that displays the numbers (hardware token).
For information:
The software used at TU Graz generates time-based one-time passwords (TOTP),
which are regenerated every 60 seconds.
For this to work, the time on the device you use must
match that of the server, so please set the time to "set automatically":
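The following added example (not TU Graz's code) computes a TOTP as defined in RFC 6238 with the 60-second period mentioned above and shows why a device whose clock is off gets its codes rejected. The 6-digit length, HMAC-SHA1, the server's tolerance of one period in either direction, and the sample secret and times are assumptions.

```python
import hashlib
import hmac
import struct

PERIOD = 60   # seconds per code, as stated on this page
DIGITS = 6    # assumption: the page does not state the code length


def totp(secret: bytes, unix_time: float, period: int = PERIOD, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP; HMAC-SHA1 is an assumption about the hash in use."""
    counter = int(unix_time) // period            # number of elapsed time steps
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret: bytes, submitted: str, server_time: float, window: int = 1) -> bool:
    """Server-side check; accepting +/- `window` time steps is an assumed policy."""
    for step in range(-window, window + 1):
        expected = totp(secret, server_time + step * PERIOD)
        if hmac.compare_digest(expected, submitted):   # constant-time comparison
            return True
    return False


def login_attempt(secret: bytes, device_clock_error: float, server_time: float) -> bool:
    """The device derives the code from its own clock; the server uses its own."""
    code = totp(secret, server_time + device_clock_error)
    return verify(secret, code, server_time)


if __name__ == "__main__":
    secret = b"12345678901234567890"   # constructed sample secret (RFC test key)
    now = 1_700_000_000                # constructed sample server time
    for error in (0, 20, -45, 300, -3600):
        ok = login_attempt(secret, error, now)
        print(f"device clock off by {error:+6d} s -> accepted: {ok}")
```

A code the server accepts remains usable until its validity period ends, which is why the 2nd factor does not help if it is entered on a fake site.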