2-Factor Authentication (2FA)

What is 2-factor authentication (2FA)?

  • With 2-factor authentication, a user's identity is proven by combining two different and, if possible, independent components, such as a two-step login:
    1. Enter your username and password.
    2. Enter a one-time password that comes from software or hardware.
  • Example: when banking online, you are asked either to enter a code that is displayed in an app from your bank, or to confirm in the app that the login attempt comes from you.

Why is 2-factor authentication important?

  • 2-factor authentication on IT systems significantly increases the security of accounts and therefore of the systems, which in turn improves the protection of your data.
  • You protect your account from phishing attacks.
  • Since access to your accounts is secured by an additional method, someone who knows your username and (supposedly secret) password still cannot access your account without also having access to your 2nd factor.
    However, if you enter your access data (username, password and 2nd factor) on a fake site, an attacker can use this data to log on to the "real" system within the validity period of the 2nd factor (MitM attack). Even with a 2nd factor, it is therefore important to make sure that you only enter your data on the "real" system!
  • We strongly advise that you enable 2FA for all your accounts for which it is offered!
    Examples: Amazon, Facebook, GMX, Google, LinkedIn, Microsoft, XING, …

2-factor authentication at TU Graz

  • All central "login pages" of TU Graz (SSO) that can be accessed from the Internet, such as TU Graz cloud, TUGRAZonline, TU4U, OWA, etc., as well as RDS access and VPN access, are secured via 2-factor authentication.
  • 2-factor authentication is implemented at TU Graz using the following options:
    • with ID Austria (applies only to SSO systems, not to VPN),
    • with software that runs, e.g., on a smartphone, a smartwatch, a tablet, or a desktop/notebook and calculates the corresponding numbers (software token), or
    • with special hardware that displays the numbers (hardware token).
  • For information: the software used at TU Graz generates time-based one-time passwords (TOTP), which are regenerated every 60 seconds.
    For this to work, the time on your device must match that of the server, so please configure your device to set its time automatically.
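
Why the device clock matters for TOTP, shown as an added example (not TU Graz's code): a standard RFC 6238 generator with the 60-second step mentioned above, and a server-side check against device clocks that are in sync, 90 s behind and 150 s behind. The HMAC-SHA1 hash, the 6-digit length, the demo secret, the timestamp and the `window` tolerance parameter are assumptions, not details from this page.

```python
import base64
import hashlib
import hmac
import struct

STEP = 60    # seconds; the page states codes are regenerated every 60 seconds
DIGITS = 6   # assumption: the page does not state the code length
SECRET = "JBSWY3DPEHPK3PXP"  # constructed demo secret (base32), not a real one


def totp(secret_b32, unix_time, step=STEP, digits=DIGITS):
    """RFC 6238 code for one clock reading (HMAC-SHA1 is an assumption)."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = int(unix_time) // step              # index of the current time step
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                       # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, submitted, server_time, window=0, step=STEP):
    """Server-side check; window = adjacent steps tolerated in each direction."""
    ok = False
    for drift in range(-window, window + 1):
        expected = totp(secret_b32, server_time + drift * step, step)
        ok |= hmac.compare_digest(expected, submitted)
    return ok


def demo(server_time=1_700_000_010):  # constructed timestamp, 30 s into a step
    """Return acceptance results for device clocks with different offsets."""
    results = {}
    for offset in (5, -90, -150):                 # device clock error in seconds
        code = totp(SECRET, server_time + offset)
        results[offset] = (verify(SECRET, code, server_time, window=0),
                           verify(SECRET, code, server_time, window=1))
    return results


if __name__ == "__main__":
    for offset, (strict, tolerant) in demo().items():
        print(f"device clock {offset:+4d} s: strict={strict} tolerant={tolerant}")
```

A larger tolerance window accepts more clock drift but also lengthens the period during which a code entered on a fake site remains usable, which is why keeping the device clock accurate is preferable to widening the window.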