Multi-Factor Authentication (MFA)

Service description

The Authentication Service provides optional Multi-Factor Authentication (MFA).

Multi-Factor Authentication (MFA) is used to increase security by using a second independent factor for proof of identity.

The TU Intranet Portal uses a time-dependent key according to RFC 6238 (TOTP) in addition to the TUaccount password.

Increase security by using a second independent factor for the proof of identity.

The authentication service offers you Multi-Factor Authentication (MFA).
Multi-Factor Authentication (MFA) is used to increase security by using a second independent factor for proof of identity.
The TU Wien login uses a time-dependent key according to RFC 6238 (TOTP) in addition to the TUaccount password.

The activation (or deactivation) of the Multi-Factor Authentication (MFA) is done via the TU Portal, opens an external URL in a new window. Either by clicking "Set up now" in the blue banner below the headline or by clicking the button "Set up Multi-Factor Authentication (MFA)" at the bottom of the page.

As part of the activation process, you will receive a secret code that you must transfer to the installed key generator of a personal device in the form of a QR code, or string. The generator generates a new key every 30 seconds, calculated from the current time and code. For this reason, the clocks of client and server must be approximately synchronized. No internet connection is required to generate a key.

For the TU Wien login, opens an external URL in a new window a time-dependent key according to RFC 6238, opens an external URL in a new window (TOTP) is used in addition to the TUaccount password

TUvpn with Multi-Factor Authentication (MFA)

Knowledge Base

Service Center

Ticketsystem Online Portal, opens an external URL in a new window
Email: help@it.tuwien.ac.at
Phone: +43 1 58801 42002
1040 Wien, Operngasse 11, EG

MON-FRI (on working days) 8:00 a.m. to 12:00 a.m. and from 1:00 p.m. to 4:00 p.m.

Service Center

Ticketsystem Online Portal, opens an external URL in a new window
Email: help@it.tuwien.ac.at
Phone: +43 1 58801 42002
1040 Wien, Operngasse 11, EG

MON-FRI (on working days) 8:00 a.m. to 12:00 a.m. and from 1:00 p.m. to 4:00 p.m.

Name	Purpose	Lifetime	Type	Provider
CookieConsent	Saves your settings for the use of cookies on this website.	1 year	HTML	Homepage TU Wien
SimpleSAML	This is needed to distinguish between the sessions of the logged-in users.	session	HTTP	Login TU Wien
SimpleSAMLAuthToken	This is needed to distinguish between the sessions of the logged-in users.	session	HTTP	Login TU Wien
fe_typo_user	Is needed so that in case of a Typo3 frontend login the session ID is recognized to grant access to protected areas.	session	HTTP	Homepage TU Wien
staticfilecache	Is needed to optimize the delivery time of the website.	session	HTTP	Homepage TU Wien
JESSIONSID	Is needed so that in case of a LectureTube the session ID is recognized to grant access to protected areas.	session	HTTP	LectureTube TU Wien
_shibsession_lecturetube	This is needed to distinguish between the sessions of the logged-in users.	session	HTTP	LectureTube TU Wien

Name	Purpose	Lifetime	Type	Provider
_pk_id	Used to store a few details about the user such as the unique visitor ID.	13 months	HTML	Matomo TU Wien
_pk_ref	Is used to store the information of the users home website.	6 months	HTML	Matomo TU Wien
_pk_ses	Is needed to store temporary data of the visit.	30 minutes	HTML	Matomo TU Wien

Name	Purpose	Lifetime	Type	Provider
facebook	Is used to Enable ad delivery or retargeting	90 days	HTTP	Meta
__fb_chat_plugin	Is needed to store and track interactions (marketing/tracking).	persistent	HTTP	Meta
_js_datr	Is needed to save user settings.	2 years	HTTP	Meta
_fbc	Is needed to save the last visit (marketing/tracking).	2 years	HTTP	Meta
fbm	Is needed to store account data (marketing/tracking).	1 year	HTTP	Meta
xs	Is needed to store a unique session ID (marketing/tracking).	1 year	HTTP	Meta
wd	Is needed to log the screen resolution.	1 week	HTTP	Meta
fr	Is needed to serve ads and measure and improve their relevance.	3 months	HTTP	Meta
act	Is needed to store logged in users (marketing/tracking).	90 days	HTTP	Meta
_fbp	Is needed to store and track visits to various websites (marketing/tracking).	3 months	HTTP	Meta
datr	Is needed to identify the browser for security and website integrity purposes, including account recovery and identification of potentially compromised accounts.	2 years	HTTP	Meta
dpr	Is used for analysis purposes. Technical parameters are logged (e.g. aspect ratio and dimensions of the screen) so that Facebook apps can be displayed correctly.	1 week	HTTP	Meta
sb	Is needed to store browser details and security information of the Facebook account.	2 years	HTTP	Meta
dbln	Is needed to store browser details and security information of the Facebook account.	2 years	HTTP	Meta
spin	Is needed for promotional purposes and social campaign reporting.	session	HTTP	Meta
presence	Contains the "chat" status of logged in users.	1 month	HTTP	Meta
cppo	Is needed for statistical purposes.	90 days	HTTP	Meta
locale	Is needed to save the language settings.	session	HTTP	Meta
pl	Required for Facebook Pixel.	2 years	HTTP	Meta
lu	Required for Facebook Pixel.	2 years	HTTP	Meta
c_user	Required for Facebook Pixel.	3 months	HTTP	Meta
bcookie	Is needed to store browser data (marketing/tracking).	2 years	HTTP	LinkedIn
li_oatml	Is needed to identify LinkedIn members outside of LinkedIn for advertising and analytics purposes.	1 month	HTTP	LinkedIn
BizographicsOptOut	Is needed to save privacy settings.	10 years	HTTP	LinkedIn
li_sugr	Is needed to store browser data (marketing/tracking).	3 months	HTTP	LinkedIn
UserMatchHistory	Is needed to provide advertising or retargeting (marketing/tracking).	30 days	HTTP	LinkedIn
linkedin_oauth_	Is needed to provide cross-page functionality.	session	HTTP	LinkedIn
lidc	Is needed to store performed actions on the website (marketing/tracking).	1 day	HTTP	LinkedIn
bscookie	Is needed to store performed actions on the website (marketing/tracking).	2 years	HTTP	LinkedIn
X-LI-IDC	Is needed to provide cross-page functionality (marketing/tracking).	session	HTTP	LinkedIn
AnalyticsSyncHistory	Stores the time when the user was synchronized with the "lms_analytics" cookie.	30 days	HTTP	LinkedIn
lms_ads	Is needed to identify LinkedIn members outside of LinkedIn.	30 days	HTTP	LinkedIn
lms_analytics	Is needed to identify LinkedIn members for analytics purposes.	30 days	HTTP	LinkedIn
li_fat_id	Required for indirect member identification used for conversion tracking, retargeting and analytics.	30 days	HTTP	LinkedIn
U	Is needed to identify the browser.	3 months	HTTP	LinkedIn
_guid	Is needed to identify a LinkedIn member for advertising via Google Ads.	90 days	HTTP	LinkedIn

Multi-Factor Authentication (MFA)

Service description

Benefit

Properties

Ordering Process

Notice

TUvpn with Multi-Factor Authentication (MFA)

Knowledge Base

Service Center

Service Center