Setting Up Two-Factor Authentication

1. Preparation: Download an authenticator app

The system recommends commonly used authenticator applications such as Google Authenticator, which is available on both Android and iOS.
As an alternative, you may use Duo Mobile (or any other TOTP-compatible authenticator).

Recommendation: Install and open the downloaded application before starting the 2FA activation on the portal, so it is ready to scan the QR code.

2. Portal navigation – where to find the settings (step by step)

  1. Log in to the customer portal.

  2. In the main menu, under “Account”, click on “Security”.

     

  3. On the page that appears, select the “Multi-factor auth” option.

     

  4. Start the registration by clicking the “Activate” button. At this point, the following will appear:

    • a secret key (character string),

    • a QR code,

    • and links to the recommended authenticator applications.

     

  5. By clicking the “Continue” button after completing all steps in section 3 ( Configuring the authenticator app ), follow the on-screen instructions.

3. Configuring the authenticator app (scanning the QR code)

  • Open the authenticator app installed on your mobile device.

  • Select “Add account” / “+” (depending on the app).

  • Choose the “Scan QR code” option and point your camera at the QR code generated on the portal.

  • If scanning the QR code does not work for any reason, you can manually enter the secret key into the app. (Many authenticator apps support manual key entry.)

  • After scanning or manual entry, the app will start generating time-based 6-digit codes for the account.

Only save the settings on the portal once you are certain that the account entry and codes are visible in the authenticator app! Otherwise, you may not be able to log in later.

4. Login – how it works after 2FA activation

  • The next time you log in to the portal: enter your usual password, then—when prompted—the 6-digit security code (OTP) generated by the authenticator app.

  • The codes are time-based and are typically valid for approximately 60 seconds.

  • If a code expires, the app will automatically generate a new one—use the new code.

5. How to verify that 2FA is active (enabled)

Successful activation of 2FA can usually be verified by the following indicators:

  • In the subscriber profile / security settings, the status of “Two-factor authentication” is active / enabled.

  • The authenticator app contains an entry for the account—meaning code generation is configured.

  • On the next login attempt, the system will request an OTP code in addition to the password (password + code). If this happens, 2FA is working.

It is recommended that after the first successful login—once you have entered the code—you immediately log out and log in again to verify that the 2FA system is functioning correctly.

6. Additional information and recommendations

  • Security warning regarding the secret key: Do not take screenshots of or share the QR code / secret key—anyone who obtains it can access your account.

  • Backup option: If supported by the app (e.g., Duo or a password manager), it is recommended to create a backup. This ensures that your 2FA configuration is not lost when changing phones. For some apps, this is especially important.

  • Regular checks: Periodically verify that 2FA is still active and that the app is up to date to avoid login issues caused by expired or unavailable codes.

  • If you are unable to log in for any reason: If you cannot access the portal or your phone has been lost, please contact us from your registered contact email address by sending an email to [email protected].