Mobile navigation is open Mobile navigation is close
Search icon
Sign upLog in

Two-factor authentication

Support for OTP login ended on December 1, 2022.

If OTP was your only login method, you will have to submit a Request to remove two-factor authentication to access your account.

If you haven't logged in in to your MojeID account for more than 18 months, your password was invalidated. In addition to the two-factor authentication removal you will also have to do a Password reset .

Support for MojeID Autentikátor login ended on December 1, 2022.

If MojeID Autentikátor was your only login method, you will have to submit a Request to remove two-factor authentication to access your account.

If you haven't logged in in to your MojeID account for more than 18 months, your password was invalidated. In addition to the two-factor authentication removal you will also have to do a Password reset .

A security key with support for the FIDO 2 protocol is a small device (with a USB connector) that can be associated with your MojeID account. Then, besides filling in your password, you have to confirm login to your account by also pressing a button on the security key.

An alternative to a separate security key can also be:

  • Mobile device with operating system Android 7.0 or higher (the device must have an active screen lock - PIN, fingerprint, face recognition...). You then use this mobile device to access MojeID.
  • Windows Hello is a way of authenticating a user on devices using operating system Windows 10 and higher. For the service to work, the device must have a PIN, fingerprint reader or face recognition protection set up. Windows Hello is available only in latest versions of Windows 10 and 11.


You can connect multiple security keys to your account. To confirm adding a new security key, please use one of the security keys you already use to log in. When connecting a new security key, you must fill in its name.

You can view security key details in your account. Security keys can be individually removed from your account.

If you want to use security key to access public administration services, you can find more information here.

Security keys can be purchased from online stores. The product specification must include the FIDO 2 label. These security keys are compatible with the older U2F standard.

We recommend following keys: Idem Key (GoTrust)YubiKey 5 series (Yubico)Security Key NFC (Yubico).

You may also find the generic term FIDO2 U2F in security key specifications.
You can use terms such as  "fido2 usb" or "fido2 nfc" to search the internet.

You can connect multiple security keys to your account.

It is an authentication hardware key for multi-factor authentication that provides secure login via a computer, mobile device or laptop. It requires physical presence of the key and manual user interaction to log in (pressing a button, entering a PIN code or touching a fingerprint reader).

The security key works without the need to install any software or drivers — the device acts like a USB keyboard. The user only needs a compatible version of a browser that supports FIDO 2 devices. The latest versions of Chrome, Firefox, Edge and Safari work well.

A security PIN can be entered for keys via the operating system or the manufacturer's application, which further increases security. YubiKey keys can be managed in the YubiKey Manager application. This application also allows you to reset the key and remove the entered PIN. Please note that the reset will disable your MojeID account login, so you will need to remove the key from your account and set it up again.

Using a security key can eliminate threats, such as Man-in-the-Middle Attack and Phishing.

The security key does not serve as a memory drive, but only for login. It should be plugged directly into a computer, not into a docking station. You can connect multiple keys to your account.

  1. In the Chrome browser visit https://webauthn.me/debugger.
  2. Insert security key to the USB port.
  3. At the bottom of the page, check the attestation box and in the drop-down list select direct.
  4. Click Register.
  5. Use the security key and allow the MojeID website to access your security key.
  6. If the key works, a new Output section appears under the Register button. Click DOWNLOAD (JSON).
  7. Send the downloaded .json file to our technical support at podpora@mojeid.cz

If the Always require second factor checkbox is checked, it is necessary to confirm any login by a two-factor authentication. You can choose your preferred authentication method.

When the checkbox is unchecked, the second factor is required only to log in to a MojeID account and other services that always require two-factor authentication (e.g., public administration services).

  • Message Registration failed, incorrect data from security key.
    • If you use a system security key (mobile phone, tablet) and you see this message, it means your device sent the required data out of specification in the wrong format. In this case, the problem is probably on the side of device manufacturer. Please, use different device or hadrware security key. You may also contact the device manufacturer and ask for a fix.

If you have any questions or comments concerning MojeID, contact us at podpora@mojeid.cz or call the technical support of the CZ.NIC Association, the administrator of the domain register, at +420 731 657 660 or +420 222 745 111 (24/7).