07 December 2023 - IT Security The Launch of Multi-factor Authentication (MFA)

In the past few weeks, we have begun introducing multi-factor authentication (MFA) at Heidelberg University in order to better protect the accounts and data of university members against attacks. From 15 December, an additional factor will be required to sign into the central virtual private network (VPN).

Laptop with login screen and smartphone with a code on it. A person sitting on the laptop. Drawing.

Expansion of our informational offerings 

Thus far, the launch has proceeded smoothly and many users have already set up their second factor. To continue improving our informational offerings on the subject, we have already addressed important feedback from users and made additions to the website.

We are also holding an open online information session. You are cordially invited to attend if you would like to receive further information; registration is not required:

  • Wednesday, 13 December at 14:00 (approx. 30 minutes) on heiCONF 

Multi-factor authentication for VPN sign in: What's changing for you

  • From 15 December 2023, you will need a time-based one (TOTP) in addition to a username and password to sign into the central virtual private network (VPN) service. 
  • The TOTP will be created with a one-time password generator, also called a token. 
  • When you log in, your time-based one-time password will be displayed by your token. You will enter this password as a second factor after entering your username and regular password. 
  • If you have not yet set up a token, please set up your token well in advance, so that you can continue to use VPN or VPN-protected IT services from 15 December. Of course, it will remain possible to set up a token from the university network at any time thereafter.
  • You can already set up the tokens and log in to the central VPN with a second factor. 
     
  • Students need to use the VPN to access Moodle Exam.
  • Additional services will be successively integrated into the MFA service.

Here's how to set up and manage your tokens:

You can set up and manage your token yourself in about 10-15 minutes. The URZ provides the MFA Token self-service platform LinOTP for this purpose. 

You can find all how-tos, further information and FAQs on the linked Service Catalogue entry or by clicking the red button. 

A major step for greater IT security: Set up your additional factor now!

Should you require further assistance, please contact your IT representative (employees) or the IT Service (students).