What is two-factor authentication?

Two-factor authentication involves the use of a one-time code whenever you log in, in addition to your regular password.

We have chosen a solution that uses the so called "Time-based One-time Password Algorithm"; a very commonly used mechanism for two-factor authentication. To be able to use this, you must install an application (app) on your smartphone. A common app to use is "Google Authenticator", but there are some other alternatives, such as "Authy", "FreeOTP", and "Toopher"

Relevant only for some users

Two-factor authentication is mandatory for some user groups, for example administrators and groups with access to restricted material.

For other users, it is possible to enable two-factor authentication, if they so desire. Before choosing to activate two-factor authentication, you should understand what it is and if you can use it. To use two-factor authentication, you need a smartphone with the possibility of installing an application (app) which supports this type of service. If you do not have a smartphone where you can install such an application, then you should not attempt to enable two-factor authentication.

How to proceed

1. In the "Security" section of your user profile, click "Enable" under "Two-factor authentication".

2. You must enter your regular password to confirm you have the rights to make this kind of security change.

3. You will now see the following screen.

4. Open the app “Google Authenticator” or its equivalent on your smartphone (install the app first if you have not already done so).

5. In "Google Authenticator", click on the + symbol, top right. Then choose “Scan barcode”.

6. The app may ask for your permission to access the smartphone camera. Click "Allow", to allow this. The camera will be opened. Point the camera towards the barcode displayed on your computer screen.

7. You may also select "Manual Entry", and enter the code which is written beneath the QR-code.

8. You will now be presented with a large, blue 6-digit code with the title "Digitalarkivet" above it, and your email address below. Use this code where you are asked for "One-time password/code" on your computer screen, and click "Continue".

9. You should now have successfully activated two-factor authentication.

Please note! Once you have activated two-factor authentication, you must use the authentication app on your smartphone every time you login. If you lose your phone or change it, you must transfer the settings from the app (some apps allow these settings to be stored in the cloud service). If you lose your phone, you must use these backup codes. These can be found under "Two-factor backup codes" in the "Security" section. Copy these codes, and save them in a safe place, so you can easily restore access. The backup codes can also be printed out.

The numeric one-time code used when logging in, is rotated every 30 seconds. For the last 5 of these 30 seconds, the number will be shown in red before a new number is generated. You must use the code to login before it is renewed,or the login attempt will fail. When this happens, you must then use the code from the next 30 second period.

Common issues

You write the code underneath the QR-code, but get an error.

The code presented underneath the QR-code must be entered into the app on the smartphone, which will respond with a 6-digit code. It is this 6-digit code thatyou enter when asked for the one-time code/password on your computer screen.

If you cannot use it

Two-factor authentication can only be activated if you can complete the procedure for turning it on. If you cannot do this, then it will not be activated. In this case, you can only login with your registered e-mail (which is your username), and the password you have set.

When you have activated two-factor authentication, it is possible to turn if off, but to do this you must first login and change this in the settings for your user account.