News

From October 1st: FinanzOnline mandates 2-factor authentication – what this means for you

Ab 1. Oktober: FinanzOnline setzt Pflicht auf 2-Faktor-Authentifizierung – was das für dich bedeutet

What's new?

From October 1, 2025, FinanzOnline, the Austrian portal for tax matters, will be required to implement two-factor authentication (2FA). This means that in addition to your username and password, you will need to use an additional security measure. This change is intended to significantly increase security.

If you are already using ID Austria, nothing will change for you — this identity verification app already meets the requirements.

Why is 2FA becoming mandatory?

  • More protection against abuse:
    A password alone can be stolen, guessed, or leaked. The second factor prevents unauthorized access using only the password.
  • Standard in many sensitive areas:
    Online banking, government services, and other digital services have long required two-factor authentication (2FA). Austria is now following suit with FinanzOnline.
  • Digital technology meets security:
    Confidentiality and data protection are essential when dealing with sensitive data (tax, finance, personal information).

What options are available for the second authentication level?

If you don't use or can't use ID Austria, there are alternatives:

  • Authenticator apps like Google Authenticator or Microsoft Authenticator generate one-time codes that must be entered in addition to the password.
  • Devices or keys that offer hardware-based 2FA (e.g., USB or NFC tokens).

How does a YubiKey help here?

A YubiKey is exactly the kind of security device/hardware token that you can use as a second factor. Advantages:

  • Very safe:
     Since the key must be physically present, theft or hacking from a distance is significantly more difficult.
  • Comfort:
     No need to find or type in codes; often, a simple press of a button or plugging in the device is enough.
  • Durable and robust:
     YubiKeys are designed to last for many years and are often water-, dust-, and shock-resistant.

This makes a YubiKey ideal as an alternative to the app or code generator.

What should you do now?

  1. Check if you are already using 2FA:
    Perhaps you already use ID Austria or an authenticator app. Then you're all set.
  2. Prepare:
    If not: Find out how to use an authenticator app or get a hardware token like a YubiKey.
  3. Activate early:
    To avoid any login problems on the cut-off date, it's worth switching and setting up before October 1st.
  4. Plan for recovery:
    In case your device is lost or breaks: Make sure you have backup solutions or recovery codes.

Conclusion: More security for all citizens

The requirement for two-factor authentication at FinanzOnline is an important step towards better protecting digital identities and sensitive tax data. It requires little effort from users, but the security benefits are significant. Those who prepare now—for example, with a YubiKey or an authenticator app—will save themselves trouble later.

Compatible YubiKeys can be found here .

Reading next

YubiKey kaufen – Ihre wichtigsten Fragen beantwortet

Buying a YubiKey – Your most important questions answered

Jul 31, 2025
BLACK WEEK DEAL: € 25,- SOFORT RABATT auf YubiKeys der 5er-Serie!

BLACK WEEK DEAL: €25 INSTANT DISCOUNT on YubiKeys 5 series!

Nov 21, 2025