Help

• Enter "*.pfx" (without quotation marks) in the search field of your desktop´s taskbar and press [Enter].
• The certificate is saved with the extension "*.pfx". This kind of file format is quite rare and will normally not show up often in your search results.
• Your computer searches the hard drive for the certificate file. Depending on the memory used, this may take several minutes.
• The certificate is then displayed in the search results if it is saved on the hard disk. If you can no longer find your certificate, you have to register again.

The password, which means, that it's only known by you. You cannot login to authega without your password and you also can not access your business application.
If you forget your password, it can't be issued again, because it's part of the certificate. Therefore, your authega account will no longer be usable.
If you use the registration type authegaBasic, your user account isn't locked, in case you've entered the password incorrectly three times. There is no limitation for log-in attempts.
Your account at authega is not automatically deleted if your certificate is locked, so you should delete your account due to security reasons. To access your business application, you have to register again.

Everything that authega offers is free of charge.

Yes, it is. You can also choose which registration type is most suited to your needs by selecting a suitable registration type.
You can find technical information concerning the different types of registration in the public area at Data Securtiy / Security Technology.

With the help of the authentication service authega, you can securely log on to various portals. The currently supported portals can be found on our portal selection.

The certificate files issued by authega do not contain any personal data. The assignment of your identity to the certificate file and the authorization are carried out exclusively in the respective business application. Due to the current legal situation and the pseudonymous design of authega's certificate file it cannot be used for the authentication to different business applications. Otherwise data protection would not be ensured.

If you have been notified by authega that your certificate file is about to expire, please log in to authega. Select "Renew user account" at "My user account". After entering the password click "Save renewed certificate file". You are now asked to save the new certificate file to complete the renewal. Future logins have to be performed using the new certificate file. See also the video instructions on how to renew the user account.

Please note that it is necessary to renew your certificate file before it expires. Otherwise you will no longer be able to log in with authega or renew your certificate file after expiration.

We recommend deleting the already expired authega certificate file, in order to avoid confusion.

If you are using an iPhone/iPad to renew your user account, please note the information on using an iPhone/iPad .

The password is your personal identification component that belongs to the certificate file generated and without which it is not possible to have access to your authega account. It is chosen by you yourself during the registration process (see Registration ) according to predefined criteria. Please ensure that the password is neither lost nor known to others, as it cannot be reset or reassigned. Authentication with authega and access to the business applications can only be granted with a valid certificate file and knowledge of the associated password. More information can be found here.

If you do not receive an Email with activation ID within two days or a letter with activation code within 10 working days, please check the data indicated in registration process and contact the Hotline , if necessary.

If you have made several registration attempts and therefore have received more than one email with an activation ID or several letters with activation codes, you can differentiate between them and assign them to each other using the blocking code („Sperrcode“) or time of registration noted on them.

To complete registration, use the activation data from any letter and the corresponding email.

In principle, the name of the certificate file can be freely chosen as long as the .pfx attachment is retained. The name proposed when creating the certificate begins with "authega" and contains information about the associated portal (eg "lff" for the PersonalID in Bavaria) and the time of creation (in the form yyyymmdd_hhmm).

If you chose the option "save additional (backup) copy of the certificate file to hard drive" during registration, you can load this file during login in a different browser, or copy it to another computer. Alternatively, you can login to authega and then use the "Export certificate file" functionality in the service area to save the certificate externally.

To transfer a certificate file between these browsers, after logging in to authega you can use the 'Export' function for the certificate file in My user account > Manage comfort login to save it as a .pfx file. Afterwards you can load the .pfx file into another browser by clicking on Login (option "In a folder on your computer"; see FAQ How do I find the certificate file on my computer? ). After this action the certificate file will also be stored in this browser as well.

When using an iPad/iPhone shared with other people (e.g. “family iPad”), you should not use the comfort-login and make sure that the password for the login with certificate file is not visible to all users.

Please note the special feature of the Apple browser Safari on the iPhone/iPad: With some updates, the browser's offline store is cleared, wich also deletes any stored certificate files. (see System Requirements >  Instructions for use of iPhone/iPad ).

If you renew your certificate file or change your Password, only the copy of the certificate file stored in your currently used browser will be changed. Please export the changed certificate file after the renewal or change of the Password and import it to all other browsers where the certificate file is used.

Storing the certificate file in a cloud is strongly discouraged.

By storing it in a cloud the certificate file is no longer in your immediate possession, but located in the cloud systems of the provider. Please note the further information about the topic Registration / Knowledge and possession  and  authega with certificate file / Knowledge and possession  in the  IT-Security  section of the authega help.

Furthermore, problems with the connectivity to the cloud might hinder the certificate file stored in a cloud being used to log in to authega. If you do not regain access to the certificate file stored in the cloud and you have no other login options (see video instructions on the different types of registration and login at authega) or a backup copy of your certificate file you need to complete the registration process again in order to regain access to authega.

On iPhone/iPad the certificate file generated during registration in the browser can only be downloaded if the browser used is Chrome or Edge (and not the pre-installed default browser Safari). These browsers will create a folder called “Chrome” or “Edge” folder on the iPhone/iPad where the certificate file will be saved when downloaded. The certificate file can be accessed from the corresponding folder when logging in.

When using the Safari browser pre-installed by Apple on the iPhone/iPad, the certificate file generated during registration in the browser cannot be downloaded and saved because the device tries to import the certificate file directly, which leads to an error.

You can copy the certificate (file with the extension .pfx), which was generated during registration, for example using a computer, to the iPhone/iPad and then select it when logging in.

You can also store the certificate file in the browser's offline store: For more information, see Comfort-Login. Please note that updates may clear your browser's offline store. This also applies to the authega certificate files, that are stored in the offline store as part of the comfort-login.

When using an iPad/iPhone shared with other people (e.g. “family iPad”), you should not use the comfort-login and make sure that the password for the login with certificate file is not visible to all users.

You can find further information about this in the Overview of supported browsers and operating systems.

Yes, it is. You can also choose which registration types most suited to your needs by selecting a suitable registration type.
You can find technical information concerning the different types of registration in the public area at "Security".

For security reasons, authega will close an open session automatically after 10 hours, when no actions were registered during this time. An automatic login to more than one business application without repeated Password entry is only possible within 5 minutes, once this time has elapsed, you are asked to authenticate again using your certificate and Password.

Each certificate has a unique feature, the so-called fingerprint. The fingerprint of a certificate can be viewed in the information on the certificate of a website.
The latest, valid fingerprint for authega web server certificate can be found authega-Webserver-Certifikate.

Captchas are intended to prevent automated misuse of authega.

Please note the following:

• The captcha is not case-sensitive.
• The audio captcha and the visual captcha differ in their content.
• The audio captcha consists of 5 numbers.
• The visual captcha consists of 4 to 6 characters.
• If you cannot read or understand characters, click 'New Captcha'.
• The captcha can be repeated as often as you like.
• Enter the recognized characters in the correct order.

As a precaution you should use My user account > Change password or My user account > Renew user account. By doing this your existing certificate file will become invalid and you will receive a new certificate file with a new password.

Every electronic certificate has a certain period of validity. The expiry of a certificate is therefore a normal process. In case of certificate files the validity starts when the certificate file has been issued in the second step of the registration ("activation"). The authega certificate files are valid for three years.

If you have activated several user accounts you may also receive several reminders to renew (every single one of) these user accounts. To avoid confusion between the different user accounts you should therefore check which is the specific user account you received the email reminder for.

After logging in to authega you can see the data connected to the user account you are currently logged in with. If you are in a different menu item, you can display the data of your user account by choosing "My User Account", as shown in the screenshot below:

The authegaID and registration date can be used to clearly identify your user account and distinguish it from outher authega accounts.

All saved data of your user account will remain untouched when you renew your cerificate file.

Several weeks before your certificate file expires you will be notified about the exact expiration date of your current certificate file by email and by notification at „My user account“ when you are logged in. If notified you should carry out the renewal as soon as possible with „Renew user account“ at „My user account“."

After your certificate file has expired you can no longer log in to authega and have access to the respective business application. User accounts that have become unusable due to the expiry of the certificate file are deleted automatically. To use authega again you would have to register again.

When a certificate file is renewed no permission are changed.

Select "Renew user account" at "My user account". After entering the password click "Save renewed certificate file". You are now asked to save the new certificate file to complete the renewal. Future logins have to be performed using the new certificate file.

If unexpected errors occur after selecting „Save renewed certificate file", please try to log in with the updated .pfx file first. If it does not work use the backup copy of your existing .pfx file. Should both options fail (using the correct password in each case), please contact the  Hotline or register again.

If you are using an iPhone/iPad to renew your user account, please note the information on using an iPhone/iPad .

When the renewal of the certificate file is complete, copies of your previous .pfx file (e. g. on other devices or as a backup) will no longer be working. You will need to replace them with copies of your renewed .pfx file.

If you are using an iPhone/iPad to renew your user account, please note the information on using an iPhone/iPad .

When you are logged in you can find information about your authega user account at „My user account“. If the validity of your certificate file specified there is longer than two years in the future the renewal of the certificate file was successful."

Yes, you can create an unlimited amout of user accounts, but there might be restrictions in certain business applications.

 In some cases (e. g. password / certificate file lost or no longer usable, previous account was deleted with original registration) a re-registration is recommended.

It is not possible to use two different user accounts in one browser at the same time. If you use a second window or tab to access authega, the parallel window or tab will still access the user account to which you are already logged in.

You have to register separately for each user account that you require or have to be registered by a person involved with the business application.

There may be restrictions for certain business applications.

No, unfortunately this is not possible.

The certificate files issued by authega do not contain any personal data. The assignment of your identity to the certificate file and the authorization are carried out exclusively in the respective business application. Due to the current legal situation and the pseudonymous design of authega's certificate file it cannot be used for the authentication to different business applications. Otherwise data protection would not be ensured.

Yes, you can use "Delete account" to delete our user account you no longer require. You have to enter your user account's lock code, answer/fill in the CAPTCHA and then click "Next". If you forgot the lock code of your user account, you can request the information for your registered user accounts to be sent to you. To do this, enter the identification data you entered during registration. You will then shortly receive an email to the address used during registration containing the locking code of your account.

Next, please enter the answer to the appropriate "security question" and select a reason why you would like to delete the account. You will then be asked once more if you really want to delete the account. Clicking "Yes" initiates the account lock of your personal access. If an unauthorized person would like to lock your account, he or she would have to know your identification data and the answer to your personal security question, so you really should memorize the answer to the "security question" and avoid giving it to anyone else.
If the answer to the security question was entered incorrectly 3 times, you can retry deleting your account only the next day (starting at 00:00:01 o'clock). You have three log-in attempts, just like before.
If you have realized that your authega user account has been missused, and that you cannot remember your security question to delete the account, you can arrange the deletion of your user account by contacting the service desk responsible for you.

Yes, you can use "delete account" to delete your user account even if the registration process is not yet completed. However, please note, that a letter with an activation code will be sent to you for technical reasons anyway. This does not affect the deletion of your account. You can delete the letter with the activation code afterwards.

No, you can't. If you need access, you are going to need to register again. Deleting your account does not lead to any loss of data in the business application (this does not apply to "Plattform für sichere Kommunikation in Bayern").

If the answer to the security question was entered incorrectly three times, you can retry deleting the user account on the next day (starting at 00:00:01 o'clock). Once again you can try 3 times.
If you realize, that your authega user account has been missused, and if you cannot remember your security question to delete the account, you can arrange the deletion of your user account by contacting the service desk responsible for you.

No personal data are going to remain in the system. In both cases your personal data will be removed automatically and completely from the attached data processing system.
The user does not have to take explicit steps in this case.

Das können Sie nach dem Login in Ihr authega-Konto und der anschließenden Auswahl von "FIDO/Passkeys verwalten" tun. Eine Beschreibung dazu finden Sie hier .

Das können Sie nach dem Login in Ihr authega-Konto und der anschließenden Auswahl von "FIDO/Passkeys verwalten" tun. Eine Beschreibung dazu finden Sie hier . Wichtig: Der Token/Passkey wird dadurch nur in Ihrem authega Benutzerkonto gelöscht, nicht auf Ihrem Authenticator. Dort sollten Sie diesen separat löschen, da ein Login in authega damit dann nicht mehr möglich ist.

Das kann insb. dadurch zustande kommen, dass bei mehrfachem Hinzufügen eines FIDO-Tokens/Passkeys der vom System immer nach dem gleichen Schema vorgeschlagene Anzeigename unverändert übernommen wurde. Daher ist es ratsam, hier z.B. an den System-seitig vorgeschlagenen Namen noch die Bezeichnung des jeweils verwendeten Authenticators anzuhängen, z.B. "YubiKey 5 NFC" oder "iPhone SE". So lassen sich mehrere Token/Passkeys, die aus Sicherheitsgründen auf unterschiedlichen Authenticators erzeugt wurden (vorsorgliche Redundanz, um einem Token/Passkey-Verlust vorzubeugen), leicht zuordnen. Wurden mit demselben Authenticator mehrere Token/Passkeys hinzugefügt, so wird ein vorher auf diesem Authenticator bereits bestehender Token/Passkey für das gleiche authega-Benutzerkonto immer überschrieben. D.h. hier ist dann pro Gerät immer nur der aktuellste gültig: Dies kann unter Mein Benutzerkonto > FIDO/Passkeys verwalten (siehe hier ) anhand des aktuellsten Zeitpunkts in der Spalte "Erstellt" nachvollzogen werden. Ältere Token/Passkeys, die auf demselben Authenticator hinzugefügt wurden, können dann aus der Liste gelöscht werden.

In order to be able to use all functions, you have to allow cookies in your browser for authega.
If you do not want to allow cookies for all websites for security reasons, it is possible to add authega to the list of trusted sites (Chrome) or to allow an exception for this page (Firefox).
Note: The cookies used by authega do not contain any personal data, only the number of your current user session or, if applicable, the path to the certificate you are using.