EU Funding & Tenders Portal

F&T Portal IT How To

IT How To


Table of contents

Getting Started


FAQ


Process Overview

Two factor authentication overview

2-step verification, or two-factor authentication, allows you to secure your Portal account by adding a second authentication element apart from your password. In this sense, to access your account you will use a logical element, i.e. your password, and a physical element, such as a device to confirm the authentication process. 

No compulsory right now, it will become obligatory in the coming months because of security reasons. The threats to cybersecurity are increasing, therefore, all users of the Funding & Tenders Portal are strongly encouraged to establish two-factor authentication for their EU Login account as soon as possible. 

EU Login presents different possibilities to authenticate using a second factor, and you will need to set up at least one of them, but we recommend you to set up more than one if possible:

  • A registered device (smartphone, but it can also be a tablet) with the EU Login app installed on it.
  • A registered security key external to your PC.
  • A trusted platform if your pc has a trusted platform module (TPM), or Secure Enclave if it is a MAC, i.e. your pc supports biometric authentication such as a finger print sensor.
  • A passkey stored on your device mobile (smartphone or table). For this method you do not need to install any app, but both the device and the PC need to have Bluetooth enabled to communicate with each other (you do not need to paired them).
  • An eID.
  • It is still possible to register a phone number and authenticate with a code received via SMS, but this option will be discontinued as from June 2025. If you are using this option, please set up an alternative option as soon a possible.

The process to use two factor would comprise three steps:

  1. Register a two factor authentication method linked to your EU Login.
  2. Enable the two factor for your Portal account.
  3. Select a two factor authentication method when signing in to the Portal.

Register a two factor authentication method

In all cases, you will need to access your EU Login account by clicking on your profile avatar on the Portal and selecting My Account, and then, click on the option to register the preferred method for second factor authentication, See below for the different options and concrete steps in each case.

 

Register a device (EU Login app)

Before registering the mobile device, please look for the EU Login mobile app in Google Play or App Store, depending on your device operating system, and have it installed in the device.

Minimum VersionOSVersion
Android min. SDK version24 or Android 7.0, Marshmellow
iOS deployment target12.0

iOS/iPadOS additional step

When using iOS/IPadOS you need to accept all authorization requests for the EU Login App after installing it (settings / applications and allow everything for the EU Login App)

You will use this option to register, typically, a smartphone, but you can also register a tablet.

Access you EU Login account.

After having the app installed on the device, access your EU Login Account on the Portal ( by clicking on your profile avatar on the Portal and selecting My Account), click on Manage my mobile devices.

Add the device to the list of your devices.

Click on Add a mobile device.

Provide a name for your device and a pin code of 4 digits. Click on Submit.

 


Link the device with the EU Login app.

You will be shown a QR code on the screen of your pc, you need to scan it using the EU Login App in your device.

Thus, open the EU Login app in the device.

If Initialize is greyed out, it is likely that you have linked the app in the past, it stays greyed out even if you removed the linking at level of you EU Login Account. Reinstall the App in the device, the Initialize option will become active.

Then, click on initialize. Click on the blue tick at the bottom right.

Scan the code.

If the QR is not being read by device, it can be due to your device not supporting an option to scan QRs with the cam directly. If this is the case, probably your device is not compatible, but you can try to instal an app that adds the service, for instance Google Lens.

Once the device scans the code, you will be asked to enter the pin code you specified in step 2. Click on the blue tick to confirm.

A confirmation will be displayed both on the device and on your computer.

As from this moment, you device have been registered and you can proceed to authenticate with it.

The app can be linked to one EU Login account, only. However, depending on the operating system of your device, you might have the possibility to create a second instance of the application (i.e. dual application setting in android), and link the second instance to a different account. Thus, this option could work for users with two accounts (i.e. a professional and a personal accounts) and one device.

It should also work in cases that you have one login and several devices, but all devices will need to be registered. Please note that once you register the first device, you will need it to confirm the registration of the rest of devices. Once registered, you can freely use each device to authenticate.


Video tutorial: using the EU Login app

Summary about registering a device and using the EU Login app


Register a phone number (discontinued as from June 2025)

This option will be discontinued as from June 2025. If you have enabled 2 factor only with this option, please ensure to enable one of the other options explained in this page.

For registering a phone number you do not need to install anything on your phone, simply register the number to link it with your EU Login account and confirm the registration with a code. 

Access you EU Login account.

Access your EU Login Account on the Portal ( by clicking on your profile avatar on the Portal and selecting My Account), click on Manage my mobile phone numbers.

Provide the phone number

Click on Add a mobile phone number.

Then, enter the phone number including the country code, click on Add.

An SMS will be sent to the provided phone number. Enter the code on the screen and click on on Finalise.

At this moment, you mobile phone has been registered for your account and you can start using it as second factor on the Portal.

Register a security key / trusted platform

You can register a security key or trusted platform.

The security key is a USB key that you insert in the pc and that will act a second factor. There are different options on the market and the only prerequisite is that the security key needs to be compliant with the FIDO2 authentication standard (consult the manufacturer /  product specifications before purchasing).

You can also register your pc as trusted platform and use it as second factor if it has a trusted platform module (TPM), a specialized security chip available in most modern PCs. You know that your PC contains this module because it allows you to secure the access via a pin code or via biometric solutions, such as a touch-ID, an area where you place your finger to gain access to the pc based on your previously registered fingerprint, or other means such as facial recognition. An example using TPM will be the Windows Hello service, so if you have Windows Hello enabled with at least a PIN authentication, you can use it even if the pc does not have touch-ID nor other biometric solutions. The equivalent for TPM in MACs is called secure enclave.

To use this last option, you will need to have configured the biometric access or Pin code access in your pc first. When registering the trusted platform, EU Login will detect the TPM and ask you to use it as trusted platform.

Access you EU Login account.

Access your EU Login Account on the Portal (by clicking on your profile avatar on the Portal and selecting My Account), click on Manage my Security Keys and Trusted Platforms.

Then, move to the correct Step 2 below depending of what you are registering.

Register a security key.

Insert the security key and click on Add a security key.

Provide a name for you security key and click on Submit.

If you did not insert the key yet, please cancel!

If your device has a trusted platform module (TPM), please be aware that your EU Login account could detect it at this point, specially if you did not insert the key in the pc yet.

A pop up will prompt you to use it (instead of the security key). Please click on Cancel to abort, otherwise you will be setting up the the biometric/pin code of you pc as second factor, and not the security key.

Then, you will see a pop up window to confirm that the security key will be used to authenticate for Eu Login and the email of you EU Login account, click OK to confirm.

If you did not insert the key yet, insert it now before clicking OK.

You will be asked to allow ecas.ec.europa.eu (this is the EU Login service) to have access to the manufacturing details of your key. Click OK to confirm.

Provide a pin for your security key and click OK.

Depending on the model, you will be requested to touch the key now.

At this point, your security key has been registered and you may use it as second factor.

Register a trusted platform.

Click on Add a Trusted Platform.

Then provide a name for your platform and click Submit.

A pop will appear prompting you to authenticate using your PC. You will see the authentication method that has been set up for you pc, click on more choices to see all the authentication methods configured on your pc, then select the one you want to use.

After authentication with the PC has been successful, you can start using it as second factor now.

You can link the TPM and security key to a more than one account. Thus, this option could work for users with two accounts (i.e. a professional and a private accounts).

You can also link several TPMs and security keys to one same account. You will need to confirm the registration of the rest of TPMs/security keys with the one you registered first; then you can freely use each one to authenticate.

Video tutorial: using a security key or trusted platform

Summary about registering a trusted platform / security key


Register a passkey in you mobile device

You can generate a passkey that you store in your mobile device, smartphone or tablet, and use it as second factor. You do not install any app in the device when opting for the method, but both the mobile device and the PC must support Bluetooh and have it switched on to communicate, although the device and the pc do not need to be paired.

Thus, to set up this method of authentication, make sure that Bluetooth is enabled on the device and on the pc first. Then create the passkey either directly on the device or from your PC, the steps are slightly different in each case, see below.

Create a passkey directly on your mobile device.

In your mobile device, open a browser session and go to the Portal, log in and click on your profile, select My Account.

 

Click on Manage my security keys and trusted platforms.

Select to add a security key. 

Give it a name and click on Submit

Select This device to set it up as security key, then use your mobile means of authentication to generate the passkey (for example, the phone pin code).

Finally, you will see the confirmation that the selected method has been added to your list. 

Create a passkey on your mobile device using your PC.

To store the passkey on the device, but using your PC to link it to your EU Login, go to the Portal on your PC, click on your profile, and select My Account

Click on Manage my security keys and trusted platforms

Select to add a security key. 

Give it a name and click on Submit

If you PC uses TPM (trusted platform), you might see just TPM options, make sure to cancel.

Then click ok when given the option to set up a security key. 

Accept the prompting to allow eu login to see your security key model.

When prompted to insert the security key, click Cancel.

Then select the option Use a different phone or tablet. Note that this option can look a bit different depending on the browser you are using. These are two examples using two different browsers. 

If you do not see any option for phone/tablet, it could be a problem of your browser, please use a different browser or proceed with usual clean up of your browser (delete cache, etc.).

A QR is generated with the passkey, scan it with your device. 

Tap the passkey on the device to use it.

Then, click continue to save it.

Authenticate on the device with your device pin.

Back on your PC, you will see a confirmation that the Passkey was linked to your EU Login.

The passkey can be linked to one single EU Login, since it is unique, and there can be one passkey linked to a given EU Login per device. However, it is possible to create a second passkey linked to a different EU Login in the same device. Thus, this option could work for users with two accounts (i.e. a professional and private accounts).

You can register several passkeys stored in different devices. You will only need to confirm the registration of further passkeys with one existing registered 2factor authentication method, then use each passkey freely.

Video tutorial: using a passkey

Summary about using a passkey as two factor

Link an eID to your EU Login account

You can use your National ID eCard (eID) as second factor. This is currently only possible for the countries that provide this service. Also note that the process to confirm the registration or log in happens in the country specific website or with the specific eID solution of the country. Thus, we will need to refer you to your country eID support for guidance on the specific steps to follow per country.

The use of National ID eCard as second factor authentication method usually implies having an additional hardware (i.e. a card reader). You have to make sure you have that piece of hardware if you opt for this method, but some countries offer virtual solutions and you would not need the card reader, for example the ITSME app for Belgium allowing you to identify via an APP instead of reading the eID.

 

Acces your EU login account.

Go to My Account and click on Manage my eID.

 

Click on Link my eID.

Select the country where the eID was issued and click on Submit.

Confirm by authenticating on your eID

A browser windown will open, it will look different depending on the selected country, but in all cases:

  • You will be presented with a list of the attributes that will be shared (i.e. name, surname, date of birth, person identifier).
  • You will be requested to authenticate with your eID.
  • You will be asked to confirm the sharing of the listed attibutes.

After confirming, you will return to the EU Login screen and will see the confirmation that the eID has been linked to your EU Login Account.

As from this moment, you can use the eID as second factor when loging in to your EU Login account.

You may link the eID to one EU Login account, only.

Video tutorial: using an eID

Summary about linking your EU Login account to your eID

Enable two-factor authentication

Go to your security settings (i.e. log in to the Portal, click on the arrow below the image of your profile and select Security Settings).

 

Click on Activate.

Select three different questions from the drop down list and enter an answer. These questions will be used when two-factor authentication is enabled but you are not able to sign in using it. Click on Send Questions to confirm.

No special characters are allowed, only Latin characters. Note also that upper case, spaces and accents (è,é,ê,ë, etc.) will not be considered when prompted to provide the answers to deactivate. You will receive an email confirming the activation of the two-factor authentication.
Also, when you access your security settings in the portal now, it will indicate that the two-factor authentication is active for your account.

If you have forgotten the answer to the security questions, you must contact the support helpdesk as soon as possible, as there is no way for you to remove the questions unassisted.

Use two-factor authentication

When two-factor authentication is active, select the option you registered as second factor.


  

These are the possible options you can use according to what you have registered as second factor:

  • if you registered a device, with the EU Login App, you can select either Eu Login Mobile App Pin Code or Eu Login Mobile App QR code.
  • if you registered a phone number, then select Mobile Phone + SMS
  • if you registered a security key or trusted platform, including a passkey generated on your mobile device, select it at the bottom of the list 

You can still log in to the portal with just your password, but when accessing you will be prompted to use or to deactivate it:



Click on 1 to sign in, and you will be presented with the list of available methods to authenticate using a second factor, or click on 2 to deactivate the 2-step validation by providing the answer to your questions. 
Once authenticated, you will be able to access any of the applications in the left-side navigation menu without further validation while your current Funding & Tenders Portal session remains active.

Disable two-factor authentication when device not available

If you device is not available at the moment but you still need to access My Area, you have the possibility to disable the 2-step. Select 2 as shown below.

You will be requested to provide the answers to your questions in an activate screen like the one below.

Provide the answers and click on Send Responses. If the answers are correct, you will directly access the application under My Area and you will get an email confirming that you deactivated the two-factor authentication. No further confirmation will be displayed on the screen.

After removing a device from the list of your devices

You can remove a device from your devices, via Security Settings, clicking on the hyperlink register your mobile or device in order to access your EU Login account.

Or via the My account option from the account menu on the right upper-corner.

Then select my mobile devices / Delete a mobile device.

However, notice that whenever you remove a device, even if you add a second device, when clicking the button to access My area, you will be shown the following recovery screen before actually being able to use the 2-factor verification.

For security reasons, you need to authenticate using the answer to your three questions. Afterwards, you will be able to use your 2-factor verification as usual, so you will be shown the 2nd verification step missing screen once again, and when clicking on the  button (option 1 below), you will proceed to use the 2-factor this time.

After using the panic button (external users only)

External users that are not LEARs have the possibility to delete any device linked within their EU Login account using a "panic button".

When clicking this button, a warning message will be shown informing that authentication by means of a device will not be possible any more. After confirming, you will get logged out.
You can log on back to your EU Login account using the usual password, but if the two-factor authentication was enabled when deleting the associated devices, you will not have access to any of the applications under My Area, because you will be prompted to authenticate using your device.
In this case, you will have two possibilities:

Deactivate 2-step providing the answer to the secret questions. Click on the  button when prompted for your questions, enter the answer in the recovery screen and click on the button.

Register a new mobile device.


First, install the EU Login Mobile App in your new device. Afterwards, you can register a new device going to Security Settings and clicking in the link to register a device.

 

Or via the My account option from the account menu on the right upper-corner and and clicking on Manage my mobile devices in the Your EU Login account.

 

Then click on Add a mobile device and provide a name for your new device and a four pin code. 

Click on Submit. Install now the EU Login app on your device and select Initialize (if by any chance EU Login had been set up in that device already, you need to reinstall the app).

Finally, scan the code which is being displayed on your pc. A message informing that there is a pending request for initialisation will be displayed on your app, after a couple of minutes it will be accepted and you will see a confirmation on your pc informing that the new device has been added to your account. You can use 2-step now with the new device: 

After registering a new device, whenever you try to use it for first time, you will be shown a recovery screen first, where you need to enter the answer to your questions. After clicking on the button, you will be prompted to authenticate with the 2-factor authentication. Proceed as usual.

Disable two-factor authentication from security settings

You can also deactivate the two-factor authentication at any moment by accessing your Security Settings in the Funding & Tenders Portal and selecting Deactivate:

Deactivating from Security Settings does not prompt you for your questions, but you will be prompted to sign in using two-factor authentication. Hence, this option cannot be used if your do not have your device with you:

Once signed in, you will be requested to confirm deactivating by clicking the Deactivate button a second time. You can reactivate the 2-step validation via security setting/activate again, you will need to enter new security questions, but there will be no need to register the device unless you deleted it from your linked devices.