Universität Bonn

University IT and Data Center

en
24. July 2025

Introducing multi-factor authentication Introducing multi-factor authentication

As announced in the circular on 24.07.25, the University of Bonn works actively to heighten cybersecurity for our electronic services. As announced in the fall of 2024, the University will be introducing multi-factor authentication (MFA) when logging in via Uni-ID, among other measures. The MFA rollout is being coordinated within the framework of a DiCe project, and has been agreed with the central committees and bodies. All University employees will receive a Yubikey security key as second factor in a phased rollout process. Students are not affected by the change at this time.

Why use MFA?

The Uni-ID is used as access credential for a wide range of electronic services which in many cases involve the accessing of personal data or sensitive IT infrastructure processes. For certain services, password-only security is insufficient, as passwords are often reused and easily stolen and crackable.


MFA is also an important criterion for fulfilling requirements under the BSI-Grundschutz basic security standard, which all universities in the state of North Rhine-Westphalia have agreed to uphold. 

Instructions and support

For help see the University IT documentation on Confluence or contact the University IT MFA support desk by email at mfa-support@uni-bonn.de for assistance on any issues concerning multi-factor authentication for Uni-ID login. The available instructions and support will ensure that you can get back to work as quickly as possible after encountering any problems, such as a lost or broken Yubikey occurring on a business trip.

What do you have to do?

The use of security keys (Yubikeys) is mandatory for all employees. A hardware security key was chosen because it offers greater security than software-based solutions, due to being physically separate from the user device. These keys protect against phishing attacks and allow secure storage of sensitive data.

 Depending on your organizational unit, you will receive your personal Yubikey either from University IT directly or from a local distribution point. You will be informed by email to your University of Bonn email address of your distribution point and when your Yubikey is available for pickup. 

  • The key can be used on any user device.
  • We recommend carrying it on your work keychain so you have it with you at all times. Please make sure to not leave your Yubikey anywhere unattended.
  • Upon ending employment at the University of Bonn, the Yubikey must be returned to the distribution point.
MFA_UniBonn.jpg
MFA_UniBonn.jpg © HRZ
Download all images in original size The impression in connection with the service is free, while the image specified author is mentioned.
Please fill out this field using the example format provided in the placeholder.
The phone number will be handled in accordance with GDPR.

We are aware that multi-factor authentication represents an additional step that you are not used to. It is however one of the most important means of achieving more robust cybersecurity for the University of Bonn. This measure minimizes risk of a cyberattack resulting in system failures and/or data losses, with potentially far-reaching and long-lasting consequences. Yubikeys have already been rolled out to central administration for multi-factor authentication, where staff have reported that this new authentication method really only takes a minimal amount of extra time.