OTP - Keepass

KeePass allows you to manage personal passwords securely and easily and to generate OTPs. They are stored encrypted and can be accessed at any time with a master password.

Requirement: You have installed a current version of KeePass2. KeePass

Contact: IT-Support

  • Set Up

    1. Creating a new One-Time-Password

    To set up a one-time password, you need an already existing entry for a password, but you can also create an entry especially for this purpose.
    Open the entry with a double click. In the opened entry, open Tools and go to OTP Generator Settings.

    1. Creating a new One-Time-Password
    © Uni MS IT

    2. In the IT portal: Establishment of the service

    Setting up a one-time password generator is possible in the IT-Portal under the menu item "Passwords and PINs".
    Please select the item "Manage" on this page under "One-time password generators" or alternatively the sub-item "One-time passwords (OTP)" in the menu bar on the left.

    2. In the IT portal: Establishment of the service
    © Uni MS IT

    3. In the IT-Portal: Registration of a password generator

    Now select your OTP method (we recommend TOTP) and enter any name for the generator you have selected. Then click on "Register" to activate your generator.

    3. In the IT-Portal: Registration of a password generator
    © Uni MS IT

    4. In the IT-Portal: Confirmation of Change

    After opening this window (see screenshot), you will need to enter your university password in the field. If you have already activated the two-factor authentication, a second password may be expected. This will open a QR code and a Seed value (visible in the next step Screenshot) to confirm the generator. Please do not close the new page, as you will need it again in a later step.
     

    4. In the IT-Portal: Confirmation of Change
    © Uni MS IT

    5. In the IT-Portal: Seed value

    For the registration of the generator in KeePass you need the now shown Seed value in base32 format. You have to copy this once.
     

    5. In the IT-Portal: Seed value
    © Uni MS IT

    6. Configurate KeePass

    You must now paste the copied Seed value in Base32 format at Shared Secret in Keepass. The other settings can be left as they are. After inserting the Seed value, a 6-digit one-time password appears in Preview, which renews automatically.

    6. Configurate KeePass
    © Uni MS IT

    7. In the IT-Portal: Checking the One-Time-Password

    To check and confirm the OTP generator, a one-time password is still expected, which must be entered in the field and confirmed with Next, otherwise the generator will not be accepted.
     

    7. In the IT-Portal: Checking the One-Time-Password
    © Uni MS IT