Additional login step

AUAS has implemented various measures to safeguard the security of sensitive data. As a consequence, in addition to entering your AUAS ID and password, you may have to enter an additional code to access certain systems.

Two-step log-in

Step 1. Log in by entering your AUAS ID and the associated password.
Step 2. Log in by entering an additional code provided by a so-called ‘token’.

There are several types of tokens which you can use:

  • Tiqr app: after logging in by entering your AUAS ID and password, you will receive a push notification on your mobile phone. Open the message and create a pin code with which to log in;
  • SMS text message: after logging in by entering your AUAS ID and password, you will receive a text message containing a single-use code on your mobile phone. Enter the code on the log-in screen to log in.

If the system that you are trying to access is subject to additional security requirements, you may also opt for a third option: a YubiKey (USB flash drive). Insert the USB flash drive into your computer. The button on the USB flash drive will generate a password that is automatically entered onto the log-in screen. If you wish to use a YubiKey, apply for one through your ICT Services contact person. The YubiKey cannot be registered until you have actually received it.

Please note that you must register one of the aforementioned options through the SURFconext registration portal before being able to use two-step log-in. Next, visit a service desk to activate the authentication method that you have chosen. Please find a step-by-step description of the process below.

Choosing and registering a token

Go to SURFconext registration portal and indicate whether you wish to use the Tiqr app, text messages or a YubiKey (USB flash drive) as your authentication method. Next, register your mobile phone or YubiKey.

Once you have made a choice, completed all steps listed on the website and clicked the link in the confirmation email, you can now activate your token at a service desk.

Activating your token at a Service Desk

The final step in the procedure is a visit to a service desk. Bring the activation code provided in the confirmation email, your chosen authentication method (mobile phone or USB flash drive) and a valid ID. A service desk officer will check whether your identity matches your account details and whether you actually own the authentication method. Once this fact has been established, activation will be completed and you will be able to use the two-step log-in procedure.

Please note! If you are unable to activate your token at a AUAS location due to Corona measures it is possible to do it remotely. Please contact one the the service desks below (only app and SMS) or send an email to Service Desk ICTS (app, SMS and YubiKey). In both cases an employee will contact you to make an appointment. During the appointment the procedure will be done remotely, a webcam or phone with camera is required.

Please send an email to the service desk closest to you:
Nicolaes Tulphuis,
Dr. Meurerhuis,

Lost token

In the event that you lose your mobile phone or YubiKey, go to SURFconext's registration portal, where you will find an overview of your chosen token(s). Click the ‘Remove’ button next to the name of the token that you have lost. When you receive a new phone or YubiKey, you will once more have to register and activate it at a service desk.

More information

SURFnet’s wiki page (in Dutch) provides more information on the two-step log-in procedure. The FAQ will provide you with answers to questions such as ‘Does it matter whether I register my private phone or my work phone?’

Published by  ICT Services 13 May 2021