OTP - MACOSX

Note: If you already have an OTP service in use, you can continue to use it, then please just follow the points "Setting up the service" in our instructions.

The listed services "Step Two Generator" or "Pre-installed passwords app" are options you can choose between.

ATTENTION: You need Step Two or the pre-installed passwords app regularly to generate an OTP, do not delete the programme just like that. For security, it is best to also register an OTP service with your mobile device: Instructions for Android and iOS

Contact: IT-Support

Step Two Generator
1. install Step Two
Download the app Step Two for your Mac by either scanning the QR code shown here (see adjacent screenshot) or by clicking here.
© CIT
2. Setup the OTP Service
Setting up one-time passwords is done in the IT Portal. Select the menu item "Passwords and PINs", then under section "Two-factor security" choose the option "Manage" for the item one-time password generators.
© CIT
3. Registering a password generator
Select your OTP method (We recommend TOTP) and choose a description for your password generator. Then click "Register".
© CIT
4. Change confirmation
After opening this window (see screenshot), you will need to enter your university password in the field. If you have already activated the two-factor authentication, a second password may be expected. This will open a QR code and a germ value to confirm the generator. Please do not close this new page, as you will need it in a later step.
© CIT
5. Start manual setup
After you have opened Step Two, click on the "+" symbol in the upper right corner and then click on "Set up account manually ...".
© CIT
6. Configure step two
Enter your germ value in Base32 format in the "Secret Key" field. Make sure that you do not enter any spaces. You can choose your account name arbitrarily, e.g. "University". In the last field, enter your university ID and then confirm with "Save".

© CIT
You can find the germ value in Base32 format in the IT portal, which you have already generated in a previous step. You will find it directly under the QR code (see figure).
© CIT
7. Use of Step Two
After you have completed all the above steps, your one-time password will be displayed in the Step-Two app under the account and username you specified in the previous step. The one-time password is renewed every 30 seconds.
© CIT
8. Checking the one-time password
After you have scanned the QR code in your Step Two app or added the seed value to your authenticator, you can use the OTP procedure. For actions that require confirmation, now enter the code displayed in your app in the "One-time password (OTP)" field. To check and confirm the OTP generator, a one-time password is expected, which must be entered in the field. Otherwise the generator will not be accepted.
© CIT
Pre-installed passwords app (macOS 12 or higher)
1. Setup the OTP Service
Setting up one-time passwords is done in the IT Portal. Select the menu item "Passwords and PINs", then under section "Two-factor security" choose the option "Manage" for the item one-time password generators.
© CIT
2. Registering a password generator
Select your OTP method (We recommend TOTP) and choose a description for your password generator. Then click "Register".
© CIT
3. Change confirmation
After opening this window (see screenshot), you will need to enter your university password in the field. If you have already activated the two-factor authentication, a second password may be expected. This will open a QR code and a germ value to confirm the generator. Please do not close this new page, as you will need it in a later step.
© CIT
4. Opening the app
On your Mac, click the search icon in the upper right corner. Then find the "Passwords" app and open it.
© CIT
5. Enter password
Your Mac will now ask you for your Mac password, which you also use to log in to your Mac. After entering it, confirm your password with Enter.
© CIT
6. Add password
Click on the "+" symbol at the top center. In the window that opens, enter "uni-muenster.de" as the website, your EMU ID as the user name, and your central EMU password as the password. Now confirm the whole thing by clicking the "Save" button.
© CIT
7. Edit password
After you have successfully added your account information, click on the "Edit" button.
© CIT
8. Enter configuration key
Click on the "Set Up Code..." button. There you type in your germ value in Base32 format. Make sure that you do not use any spaces.
© CIT
You can find the germ value in Base32 format in the IT portal, which you have already generated in a previous step. You will find it directly under the QR code (see figure).
© CIT
9. View confirmation code
After you have completed all the above steps, you can now view the 6-digit confirmation code. This will update automatically every 30 seconds. If you exit and restart the Passwords app, you may have to re-enter your Mac password, but you can view the 6-digit One Time Password directly afterwards.

© CIT
10. Checking the one-time password
After you have scanned the QR code in your app or added the seed value to your authenticator, you can use the OTP procedure. For actions that require confirmation, now enter the code displayed in your app in the "One-time password (OTP)" field. To check and confirm the OTP generator, a one-time password is expected, which must be entered in the field. Otherwise the generator will not be accepted.
© CIT
OTP for managing impersonal IDs
KeePass as a One-Time Password generator.