2FA Apps

Below we describe some available options for handling 2FA tokens.

Smartphone

If you are using an Android device, please use the following QR-Code for the App “otpauth”:

otpauth01.png

If you are using an Apple device, please use the following QR-Code for the App “freeotp”:

freeotp01.png

Just install them via your app store and scan the QR codes provided during 2FA setup.

Important

Please make sure that the authenticator app is capable of handling SHA-256!

Please make backups of your stored tokens on a regular basis on the phone (and save them elsewhere) in case of hardware failure of the phone or if you switch to a new device.

FreeOTP

First, open the otp app of your choice. If you have not yet set up the app, please follow the setup wizard.

You should now see a button with a plus in the bottom right-hand corner of the screen.

If you click on the plus, the settings for adding a new token will open.

These are the numeric codes that will be mentioned again later in the instructions for setting up two-factor authentication.

KeePassXC

You can also manage 2FA tokens on your desktop via KeePassXC. Just download and install the corresponding version for your operating system.

First, you need to set up a new database within KeePassXC:

keepass-db

Just follow the setup procedure and choose a good master password.

For each 2FA token, you first need to create an empty entry:

keepass-entry

In this case, it is named Gitlab.

Afterward, you need to open the context menu on this new entry (right mouse button) and choose TOTP > Set up TOTP…:

keepass-setup-totp

There, you enter the secret which you obtained during 2FA initialization (some smartphone apps, e.g. FreeOTP+, also show this secret)

keepass-secret

With this, you may either show the current TOTP or copy it into the clipboard as with other passwords in KeePassXC.