TOTP (Timebased On-Time Password) is a security standard in which a time-based code must be entered as a second factor. The codes for this are provided by an app that must be configured inital for the respective user account. Possible apps for this are, for example, Microsoft Authenticator or Google Authenticator.
At the bottom of the following pages there is a language selection which the>user can use to select a language,
as he is not yet logged in at that time and therefore his configured language is not available.
The TOTP setup page
This page appears upon the first login after two-factor authentication (via TOTP) has been activated. You can only sign in to the STP Cloud if you successfully complete the setup. An authentication app is usually used for this, which allows you to simply scan the displayed QR code to configure the app. If this is not possible or if software is used that does not support a QR code, the settings can alternatively be made manually using the security key displayed under the QR code. To confirm, the user must enter an initial code from the app in the data field below and confirm. The user is now redirected to the following page.
Backup code page
In addition to some instructions, a table with 12 backup codes is displayed here. These can be used as an alternative to the codes from the app to sign in. This may be necessary if, for example, the smartphone used is defective or unavailable for another reason. Each of these codes can only be used once. There are two buttons above the table. The left button can be used to copy the backup codes to the clipboard, e.g. to copy them to a document and store them securely. The right button can be used to print the displayed page. Secure storage is absolutely essential, as the backup codes can only be displayed once. With the ‘Confirm’ button, the user completes the setup and is redirected to the login page.
Related to