MFA (en)

MFA (multi-factor authentication) for your university services

- more than a login name and password -

Protect your account now with MFA - the simple and secure way to log in to university services

MFA has been activated for all accounts since March 2024.


or by mail: IT-SERVICE

Choose a suitable login method

  1. Microsoft Authenticator App
  2. Other authenticator app (e.g. Google Authenticator, TOTP, ...)
  3. SMS or telephon


We recommend setting up
Microsoft Authenticator + phone.

Are you already using MFA?

Then help your fellow students and colleagues to set it up and tell them about your positive experiences.

Have you had problems with MFA? Then write a short message to IT-Service[at]
We will try to solve the problem for you and everyone else and thus simplify MFA.

Why is MFA necessary?

More and more personal data is being stored for you in various systems.

Unauthorized persons should find it increasingly difficult to access this data.
Your data should be easily accessible for you.

MFA (multi-factor authentication) means, among other things, that you have a variety of options for accessing your protected data in different situations.

Passwords alone are unsuitable for this.

With MFA, you therefore use personal devices that you trust for access.
These can be personal computers, your telephone, smartphones or hardware tokens (e.g. Yubikey USB chip, chip cards).

When MFA is set up, a relationship of trust is permanently "established" between you, your personal device and your Microsoft 365 account.


A secure memory in the device (TPM chip) preserves your digital Microsoft 365 identity.

No hacker has access to your physical device. This prevents unauthorized access to your data.

For experts: Login factors at the university

You can combine factors to access your data

  •     With password
  •     a personal phone number (SMS, phone call)
  •     App (e.g. Google Authenticator, ...)

And additionally without password with

  • Authentication app (Microsoft) image-20240119203946-2 on your smartphone that is protected with a PIN (min. 6 digits) or fingerprint or FaceID (recommended)
  • A hardware token (e.g. Yubikey) that is protected with a PIN (rarely recommended)

  • Hello-for-Bussiness for your work computer, protected by PIN (min. 6 digits) or fingerprint or FaceID

Your devices (computers, mobile devices, ...) or your apps and programs remember your access authorization and only rarely ask for it.


You can find more information on the MFA activation process in



"Why am I being asked for my login details several times a day?"

When you set up MFA, a relationship of trust is permanently "established" between you, your personal device and your Microsoft 365 account.


If you are asked for your login details several times a day, this may be for the following reasons:

  • You delete all cookies when you close your browser.
    Remedy: Enter the two addresses "" and "" as an exception.

You can also get help at IT-Service[at]

"Do I need to install Microsoft Authenticator?"

No. You do NOT need to install the "Microsoft Authenticator App"!

SMS or telephone is sufficient for MFA.

If you receive the message "Protect your account" and do not want to install the Microsoft Authenticator, you can do the following:

  • Restart your computer
  • Wait one day "Skip for now"
  • Log in to

"Do I need a smartphone or mobile phone?" (keyword TOTP)

When you set up MFA, a trust relationship is "established" between your personal devices and your Microsoft 365 account.
This also works without a smartphone or mobile phone.

However, a mobile device (smartphone, phone with SMS, call or app) is particularly flexible for logging in with MFA at any time.


However, you can also use secure login with MFA without a smartphone or phone.
Simply install an app with MFA function (TOTP), e.g. a password manager (Bitwarten, KeePass, ...), on your computer.

Then visit the website



You must enter this "secret key" in your app.
The app calculates a 6-digit code.
Press "Next" and enter the 6-digit code to finalise the setup.

Your app will now calculate a new 6-digit code every 30 seconds
You will need this code in addition to your login name and password when logging in.


The work telephone with work number can be used as the MFA method "Business telephone".
Forwarding to the home office also works for MFA.

If you need help with the set-up, ask  IT-Service[at]

"How can I log out or log off?"

How can I log out or log off?

The logout functions of some applications (moodle, mycampus, ...) are ineffective because the application automatically logs in via SSO (Single-Sign-On, Shibboleth, AzureAD) when it is called up again.

On the website
you can log out the browser you are using.


You can also see your registered devices on this website. If a device is lost, you can "deactivate" it there.

Microsoft Authenticator app for your smartphone

1. call up the website

(It is best to open this website on a computer or tablet)


2. log in with university account

Log in with your full login name (e.g.
This is not an e-mail address.

image-20231207171155-2  image-20231207171251-3


3. activate Microsoft Authenticator for your account