Instructions: Setting up Authentication with Verification Codes (both first and additional apps or devices)
These instructions apply to both the initial and subsequent setup of the application for verification code authentication (TOTP).
1
Open the interface for authentications settings mfa.id.muni.cz and log in through the MUNI Unified Login. Enter the system by clicking the Log in button.
2
Enter a description for the TOTP token and confirm by clicking Continue. The description serves only as your name for the token.
3
For the next steps in the guide, you will need an authentication app. If you are already using an app for this type of authentication, use the one you have installed. If you do not have one, you can use Aegis Authenticator for Android, Raivo OTP for iOS, or a password manager that supports this type of authentication, such as KeePassXC.
After installing the app, continue by clicking the I have an authentication app button.
4
A QR code containing the secret key of your token will be displayed. Scan this QR code using your authentication app.
You do not need to back up the QR code or link. You can register another authentication app or device later using a new code.
Enter the verification code from the app into the field and click the Verify token button.
5
If the entered code is correct, the token will be added.
For your initial setup of Multi-Factor Authentication, click the Continue button.
If you are adding another token, the process is successfully completed.
6
Multi-Factor Authentication has been automatically activated for all services protected by MUNI Unified Login. Continue by clicking OK.
7
When first activating Multi-Factor Authentication, it is necessary to also save the backup codes. Download them as a PDF or print them by clicking the Save or Print button. Then click the I have backup codes button.
Note: Backup codes are single‑use, which means each code is invalidated after one use.
If you use or lose all your backup codes, you can generate new ones.
8
At this step, Multi-Factor Authentication (MFA) has been successfully set up. All services that use MUNI Unified Login will now require MFA. If you are satisfied with MFA being enabled for all services, you can click the Log out button.
If you do not want MFA enabled for all services, click the Service Settings button and proceed to the next guide on how to enable MFA only for selected services.
