How-to Cards
The practical and handy reference
Home | Categories | Search
You are viewing the public, limited version of the How-to Cards. Connect to the University network physically or via VPN to see all cards.
Card categories
Outline
Last modification
2025-07-02

Setting up LCSB Second Factor Authentication (2FA)#

This How-to Card describes what 2FA and OTP are, why they are necessary, and how to set them up to improve the security of your access to LCSB services.

What is 2FA and why is it necessary?#

2FA adds a second layer of protection to your login. Instead of just a password (something you know), it also requires a time-based code from a device you control (something you have). This significantly reduces the risk of unauthorized access, even if your password is compromised.

What is OTP?#

A One Time Password (OTP) is a numerical 6-digit code generated by an app on your phone or your computer, which acts as a second factor. This code changes every few seconds and is valid only for a short period of time.

To use OTP, you must have an application installed on your phone or computer. Fortunately, OTP is widely supported, but we specifically recommend the following apps:

For alternatives, please consult the FAQ.

For safety, please make sure to keep your OTP app always up-to-date.

How to set up my 2FA?#

First, you should wait until you encounter the following setup dialog during your daily activity:

initial_screen.png

Then, you have several options on how to proceed:

Option A: Microsoft Authenticator#

  1. Open the Microsoft Authenticator app on your phone, click on the “QR” icon in the lower right corner, and scan the QR code on your screen:

    msauth_01.png

  2. Use the code that appears to complete the setup dialog:

    msauth_02.png

Option B: FreeOTP#

  1. Open the FreeOTP app on your phone, click on the “QR” icon in the upper right corner, and scan the QR code on your screen:

    freeotp_01.png

  2. Select an icon. Here, I search for “key” and use the first icon that appears:

    freeotp_02.png

  3. Click on “Next”:

    freeotp_03.png

  4. Make sure the setting is ON, then click on “Next”:

    freeotp_04.png

  5. Click on the new entry that appeared:

    freeotp_05.png

  6. Use the code that appears to complete the setup dialog:

    freeotp_06.png

Option C: Google Authenticator#

  1. Open the Google Authenticator app on your phone, click on the “+” icon in the lower right corner, select “Scan QR code”, then scan the QR code on your screen:

    gauth_01.png

  2. Use the code that appears to complete the setup dialog and for all future LCSB related OTP requests:

    gauth_02.png

Complete the 2FA setup#

  1. Enter the OTP from the app.

  2. Enter a name recognisable to you, especially if you have several phones or 2FA apps.

  3. Press submit.

    final_screen.png

Bonus: Change the registered OTP name to something you recognise.#

You may have noticed that the new OTP appears in a section called “main” in most OTP apps. Unfortunately, the current SSO platform does not allow to easily change this, but most apps do! Try to look for a place where you can edit name and change it from “main” to “LCSB” or something recognisable to you.

This change is aesthetical only, and has no functional impact.

FAQ#

When will I be asked to set up 2FA?#

The setup dialog will appear automatically after logging into any application that is connected the LCSB Single-Sign-On (SSO) system.

How frequently will I have to provide my OTP?#

Generally, once you have provided your OTP, it will be valid for 12 hours across all connected applications. However, applications may decide to ask you more frequently, especially when performing sensitive operations.

Why can I not use my existing University 2FA?#

Unfortunately, this is currently not possible due to technical limitations of the University’s SSO solution.

The LCSB SSO admin team is in contact with SIU and hope to be able to provide a single solution for all UL staff in the future.

Why does my OTP keep failing or only works sometimes?#

Our implementation of OTP is time-based (TOPT), so codes are only valid for a certain period of time. If it keeps failing, you are either waiting too long, or the time on your device could be slightly off.

Can I use my YubiKey or other hardware tokens instead?#

Not at the moment, but if there is a demand for it, we will consider offering this option. Please contact with your request.

I do not have a Smartphone or do not want to use it for work, what should I do?#

Please use this browser extension instead: Authenticator

Can I use other authenticator apps?#

Absolutely, but please understand that we cannot provide support for all OTP apps out there.

If you have an iPhone, you can use the built-in 2FA feature: Guide

Who can I contact for further assistance?#

Please contact with a detailed description of the issue.

The contents are available under CC-BY-SA 4.0 LICENSE.