What is OTP?
An OTP (One-Time Password) is a password that is generated for authorization and authentication purposes (e.g. two-factor authentication). It serves as an additional security factor to your WWU password and increases the protection against phishing or hacking attacks.
Each OTP is only valid for use within a short period of time and is automatically regenerated afterwards. To generate such one-time passwords you need an OTP generator, which you can install as an app on your smartphone.
Why are we switching to OTP?
You have almost certainly heard about the increasing number of cyber attacks on universities in recent months. Last summer, the FH in Münster, among others, was affected. In order to best protect the WWU from similar attacks and the associated protracted disadvantages for teaching and research, the WWU is introducing additional security-related measures. The introduction of 2-factor authentication with OTP for services that can be used to access internal services and data from outside the WWU (e.g. VPN and VDI) is one such security measure.
In the coming months, additional services will be secured using 2-factor authentication with OTP. With the one-time setup and registration of the OTP app in the IT portal, you are very well prepared for the changes.
Where can I find instructions for OTP?
The WWU recommends different OTP generators depending on the operating system.
If you are already using an OTP service, you can continue to use it. The one-time password generators must be registered in the IT portal before use.
Under the following link you will find the app recommendations of the WWU, as well as the installation and application instructions for 2-factor authentication with OTP:
Why can I use my private mobile device to generate an OTP?
Please use a mobile device in the first instance if possible, this is much more practical to set up.
Also, the OTP generator app that you install on your mobile device does not access any data flow on the mobile device or your phone number.
By setting it up, the app synchronizes with the IT portal via a timestamp. Your mobile device contains a clock and can assign such a timestamp. This is the only synchronization that takes place. The devices do not otherwise make contact with each other. Moreover, the app does not require a phone number or anything similar for this process. So there is no danger in using your private end device at this point.
Instead of a smartphone, you can also use another mobile device for generating OTPs, e.g. a tablet or another computer. Follow our instructions for this.
Step-by-Step: Example OTP Setup with a Smartphone
Step 1: You need two devices for the OTP procedure. You usually use the first device to work with and want to log in to a service that requires an OTP (e.g., your service laptop on which VPN is to be used). With the second device you generate the so-called OTPs with the help of an app. In this example, the first device is a stationary computer and the second device is a smartphone. The first and second devices do not exchange data, apart from the timestamp of the OTP.
Step 2: Install the OTP generator as an app on the smartphone. To do this, select the app that matches the smartphone's operating system. On our website you will find instructions and app recommendations from WWU IT for the different operating systems: Instructions.
Step 3: Register the installed OTP app in the IT portal. To do this, log into the IT portal via the stationary computer and follow the steps in the instructions from WWU IT.
Step 4: If you now want to log in to a service that requires an OTP using the stationary computer or another end device, you must always have the OTP generator app open at the same time and take the generated OTP from the app. The generation of such OTPs takes place automatically. The app creates a new OTP every 30 seconds. This ensures that it is temporary and can only be used once (one-time password).
What can I do to take precautions against losing my OTP generator?
To be able to continue logging in to your services in the case that you lose your smartphone with the OTP app installed, for example, you can take precautions. Register two different OTP generators. The two generators should be accessible on different end devices, e.g., computer and cell phone.
Then select the "One-time password (OTP)" option in the two-factor security settings in the IT portal. This increases security and prevents problems in the event of generator failure/loss.
Who can help me with further questions about OTP?
If you have further questions, your IVVs are available for employees of the departments. Under the following link you can see which IVV is responsible for you:
For questions from employees of the central administration, the IVV9, or the Service Desk is responsible: 0251 83-30303.
For students, the IT hotline (Mon–Fri 08.00–17.00: 0251 83-31600) or the service desk at Einsteinstraße 60 (Mon–Fri 08.00–12.00 and 13.00–16.00) is available.