How to Enable Multi-Factor Authentication (MFA)

To continue our enhanced security efforts, some SAP platforms/sites will offer you a more secure sign-in method, a time-based one-time password (TOTP) MFA.

This page will walk you through how to enable MFA through your SAP profile, to prepare you in advance, when entering sites that require TOTP. At the bottom of this page, you can also learn how to disable and re-enable MFA when switching devices.

How to Enable MFA Through Your SAP Account

1.  Access your account: https://accounts.sap.com.

2.  Scroll down to TOTP Two-Factor Authentication and click the plus icon.

3. You will be prompted to enable the SAP Authenticator application, or any supported authenticator, on your mobile device.

4.  After downloading the authenticator, follow the instructions within the authenticator application to complete the installation on your mobile device.

5. A passcode will be generated. Enter your passcode in the passcode field, then click Activate.

6. The page will refresh and a confirmation message will appear upon successful set up to TOTP, saying “Profile Updated”. You will also receive an email confirming the update to your account and see a trash icon next to the TOTP title field.

Note: Going forward, if needed, use the generated passcode if an application requires two-factor authentication from you. 

How to Disable and Re-enable MFA Through Your SAP Account

Please Note: You must disable MFA before changing the authenticator application.

This must be done, for example, when you switch to a new mobile device

1. Navigate to your SAP Universal ID Account.

2. Scroll to the TOTP Two-Factor Authentication section and click the trash icon. 

3. Select the deactivation channel to deactivate by. You may chose the existing TFA method, sending a one-time reset code to your previously validated email address or SMS number.

4. A generated passcode will be sent to you by your selected method. Enter that passcode in the text field.

5. Your TOTP will now be deactivated and a [+] sign will appear next to the TOTP headline.

Note: You will be required to add a new TOTP profile to your account before you can authenticate into the platforms which require it. Follow the instructions above to re-enable your MFA on your new device.

Additional Support

If you experience any problems, please reach out to Support.