This document explains how you can set up the University MFA (NetIQ) system to use your FreeOTP or GoogleAuthenticator app as the generator of secure codes. In this way, you will be able to use the same app for logging in to the institute and university services. This setup has to be done through the university account services and will enable so-called TOTP authentication. Follow the steps below to set up UL MFA for TOTP.
You need to login to the university account services at https://account.services.universiteitleiden.nl. Use your ULCN account credentials for this.
This is followed by any MFA authentication that you may have chosen in the past.
On the Account Services page you will find near the bottom left of the page a tile denoting Multi-Factor Authentication. Select this tile by clicking on it to go to the setup of MFA additional options. You do need to login again using your ULCN credentials…
After entering your ULCN credentials you again need to choose the MFA type to allow you to continue logging in. In this case not all options are visible as the test account has not enrolled NetIQ, so you only see the three remaining options, by email or by SMS should always be there.
In your case you may only see the Email and SMS optione. To continue choose the email option and provide the 6 digit code mailed to you in the next login step.
After that you will end up on the NetIQ selection page. That page shows all the options you may choose for authentication. In this example you see that NetIQ is not previously selected. In your case the blue button may be a 'Modify' button, as is visible under the TOTP block on the right in this example.
In case you have the 'Install' button below the TOTP block, you may click that to set up a non-NetIQ authenticator app. You will be directed to a new page:
This is the first step/page of four to enable the TOTP function. In your case you might not see the 'Delete' button and can directly continue to 'Next'.
The bottom paragraph explains to you in detail the next steps. Follow those steps and you will end up with TOTP as a viable authentication method. If you are shown the QRCode, take your phone's app (FreeOTP or Google Authenticator) and scan the code.
Once all this is done you can use your prefered TOTP application (FreeOTP or Google Authenticator) as the MFA step in any of the university web applications.
From now on you can use the same app for Sterrewacht 2FA and University MFA.
In order for you to quickly see which entry in FreeOTP belongs to which system, you can insert an icon to each block in FreeOTP. First you need to download the icons we have prepared for you to your phone
Then in FreeOTP you click the three dots on the right of a block and choose option: 'Edit'. Click on the icon (on the left) and now you go to the place where you saved the icon on your phone. Select the file and it will be permanently display on the left side of the Authentication block.
Note: For those that have recently scanned the QRCode for the Observatory, your Authenticator block should already use the strw.png icon.