If you have lost your phone or got a new phone:

If you still have your old phone, you can often transfer the TOTP secrets to another phone. E.g Google Authenticator has a "Transfer Accounts" menu where you can tell it to display a QR code that you can then scan with the app on another phone to copy that code.

Some TOTP apps (e.g Microsoft Authenticator) can backup your codes to the cloud. If you have such a backup or can make one, restore your codes from it on the new phone.

If you have lost your old phone or you cannot transfer the codes from it: follow the instructions on this page.

If you have uninstalled the TOTP app:

Most TOTP apps store their settings (and codes) with the app, so when you uninstall the app the codes are also lost.

Some TOTP apps (e.g Microsoft Authenticator) can backup your codes to the cloud. If you have such a backup, restore your codes from it.

If you have no backup or cannot restore it, follow the instructions on this page.

If you cannot log in:

If you believe you have working codes and remember your password, but cannot log in - please check the following three common errors.

If you still cannot solve the problem, contact NSC Support.

1: Make sure your are using the correct TOTP code

Many users will have TOTP codes for both SUPR and NSC clusters, and perhaps also for other clusters, and for Microsoft, Google, GitHub etc. Please make sure you are using the correct one to login to the NSC cluster.

For example, to login to the fictional NSC cluster "Duolith" as the fictional user x_examp, you should use the 6-digit TOTP code that is shown in your app next to "NSC Duolith (x_examp)".

Conversely, a TOTP code shown to be for "SUPR" in the app is not the one you use when logging in to an NSC cluster.

2: Do not use old TOTP codes

Please note that the TOTP code changes every 30 seconds. You cannot note down or remember a code and use it later.

3: Make sure your phone has the correct time and timezone set

The first T in TOTP stands for Time. Since the codes are time-based, it's important that the device where you run your TOTP app has the correct time (and that the cluster has the correct time, but that is rarely a problem).

Most mobile phones will automatically keep the correct time as long as they have a network connection.

If you encounter problems when traveling, check that your phone uses the local timezone and that the clock shows correct local time. This ensures that TOTP (which uses UTC time) will work correctly.

There are simple web services (like time.is you can use to check if your device has the correct time.

Note: the time requirements are fairly strict. A code is valid for 30s, and the cluster accepts three codes (the correct one, the next older one and the next newer one), so your phone clock cannot be off by more than 30 seconds or so before you start getting problems, and if it's off by several minutes the codes will never work. If you have automatic time sync enabled, this should not be a problem.

If you have an old account and never set up TOTP

Read this page.

If you have no smartphone

If you have access to a smartphone, tablet or other device that can run a TOTP app, use it. It does not have to be a "work phone" or even have a phone number or SIM card. You just need to be able to run the app.

If you don't have access to any such device, you can still (and you must) use 2FA. In that case, install a TOTP application on some other computer. Such apps are available for all common operating systems. The computer does not need to have a camera, instead of scanning a QR code you can enter the "TOTP secret" that is displayed alongside the QR code.

We recommend but do not require that you run the TOTP app on a different device/computer than the one you use to login to our clusters. Doing so provides some extra security as it becomes more difficult for an attacker to steal both your password and valid TOTP codes from the same location.

Authy is a popular TOTP app for Android and iOS, but it also seems to have macOS, Linux and Windows versions: https://authy.com/

If you already use some other security product like KeePass, LastPass or Yubikey, they sometimes offer a TOTP generator as part of the product. E.g https://www.yubico.com/products/yubico-authenticator/ uses a Yubikey hardware key to securely store the TOTP secret and an application (Linux/Windows/macOS) to display the generated codes.