My Account
AUTOMATIC TRANSLATION OF THIS PAGE IN GERMAN
Here you will find information about the page 'My Account', which can be accessed in the account management at this address:
On this page you can see the logins or login attempts of the last seven days with your login data and information about the device you are using. This overview should help you to recognise possible password thefts or attempts. You may also be here because of an account lockout notification or a login from an unknown device. On this page, we explain what information appears here and how it can be interpreted:
Someone is trying to steal my password
If someone tries to steal your web password and tries through passwords, you will see a lot of incorrect login attempts on this page that you cannot explain with your own activities. The login form slows down attackers here so that they cannot try out as many passwords as they like in a short space of time. You may also have received a notification that your login has been temporarily blocked because too many incorrect logins have been attempted. Nevertheless, in such a case you should:
- Get an even stronger web password
- Enable two-factor authentication (see the following section)
- Keep an eye on the 'My Activities' page in the following days
Someone has already stolen my password!
If a password theft has already occurred and your access is being misused, you would see successful logins at times that you cannot explain by your own activities. You should also have received an email notifying you of a login from an unknown device.
Here you need to act quickly so that you do not lose control over your access and to stop the activities that a foreign person is carrying out in your name in the system:
- Set a new, stronger web password immediately
- Then, contact us right away
- Activate two-factor authentication (see the following section)
Secure passwords and two-factor authentication
We have gathered tips for choosing a secure password on this page for you.
An even more effective means of increasing the security of your access is the use of two-factor authentication, which can be activated in a few steps.
Notifications from the login system
The login system sends you emails in certain cases to inform you about important events for the security of your login:
Temporary lock of your login
To prevent the theft of your web password, a temporary lock of your login is created after a certain number of failed login attempts. During the lock period, no logins are possible. You will be informed about the lock and its duration via email.
Login with your login from an unknown device
Since August 21, 2024, the login system sends notifications when you log in for the first time on a new device. This is intended to enable you to recognize and stop the theft of your login data yourself. You can find extensive descriptions of how this function works in this blogpost (in german language).
Activation and deactivation of two-factor authentication
Changes to the use of two-factor authentication also trigger notifications to provide usage hints, but also to recognize when outsiders are tampering with your login.
The email address to which the system sends security-related information is displayed in the page menu. The system determines the address from several sources, in this order:
- The address registered in the eKVV, see the eKVV page 'My Email Address'. Employees can also generally enter their own addresses here.
- The personal address registered in the PEVZ. No functional addresses are used.
- Your own BITS mailbox.
- The private email address registered in the PRISMA portal (found in the 'Meine Daten' section).
The first address found in this sequence will be used. The display shows from which source the email address originates. If you want security-related emails to go to a different address, changing the eKVV address is the simplest way.