Skip to main content

Safety instructions

edupression.com® is a web application, i.e. you use a browser to be able to use the programme. You only need the access data and can log in. In principle, no data from the application is stored on your device unless you download reports or documents as pdf files.

Please only use edupression.com® in a secure environment. If you access the application via public networks or third-party devices, there may be potential risks to the security of your data that we at edupression.com® cannot fully control.

Please note that user-specific data may remain in the working memory when the application is closed.

Login with modern and secure authentication methods

As a permanently listed DiGA in Germany, edupression.com® is required by law to implement the BSI TR-03161 IT security standard. This standard mandates the highest level of security for user authentication using the GesundheitsID in Germany. Since very few citizens in Germany use this, other recognized two-factor authentication methods such as Passkey or TOTP (Time-based One-Time Password) can be implemented. These methods are secure and can be quickly used by the user. A PIN sent via email or SMS will no longer be permitted as a second factor in the future due to unencrypted transmission.

Signing In with a Passkey
A passkey is a cryptographic authentication method that does not require a traditional password. You confirm the sign-in using your device’s security features or a password manager. This is possible in particular via:

• the security features of your operating system (e.g., Windows Hello in conjunction with the TPM security chip on the motherboard, Apple Touch ID or Face ID, Android screen lock)

• common password managers with passkey support (e.g., Google Password Manager, Apple iCloud Keychain, Bitwarden, KeePassXC)

Passkeys are considered particularly secure because they cannot be stolen through phishing or data breaches. Depending on the provider, you can transfer the passkey between your devices using its synchronization feature.

Login with Password and TOTP
Alternatively, you can log in using your password and a time-limited one-time code (TOTP – Time-based One-Time Password). The 6-digit code is regenerated every 30 seconds. To do this, you’ll need a standard authenticator app on your smartphone, such as: Google Authenticator, Microsoft Authenticator, Aegis, Authy, or another standard TOTP app

During the one-time setup, use the app to scan a QR code on edupression.com®. For every subsequent login, enter the 6-digit code currently displayed in the app after entering your password.

When using the edupression app: Signing in with biometrics (device binding)
If you use the edupression app from the App Store, you can simply use biometrics (fingerprint or Face ID) for device binding.

Login with GesundheitsID (Germany)
edupression also offers login via GesundheitsID. Contact your statutory health insurance provider to obtain and set up your GesundheitsID.

Important Information on Secure Use of the Login Processes
Keep your TOTP app and/or your passkey recovery options in a safe place. If you lose your device or switch to a new smartphone, set up the process on the new device or transfer your passkeys via your provider’s synchronization service.
Do not share your passkeys or TOTP codes with third parties. We will never ask you for this information.
If you no longer have access to your authentication method, please contact our support team so that we can work with you to securely restore your access.

Use of passwords

Use the password only for edupression.com® and not for other applications, it should be at least 8 characters long (NIST), preferably no linguistic terms, at least one upper and lower case letter, number and special characters must be included.

Never pass on passwords, we will never ask you for them!

It is best to save access data in a suitable password manager. It is considered less secure to save passwords directly in the browser, so at least use a master password in the browser.

It is best to log out after using the application, especially when using it on other people’s devices.

Please note that locking the screen does not automatically log you out of the health application. The inactive session is only cancelled after a certain period of time.

When closing edupression®, sensitive data may remain in the browser cache, so it is best to always delete the browser cache and history (see security settings of the respective browser).

Caution when using third-party devices

Never use unknown USB sticks.

When downloading reports, documents and profile pictures, make sure you know in which directory they are saved locally on your device, especially if you are working with third-party devices. This also applies when uploading a profile picture or submitting a recipe.
If you record screen content (screenshots), also pay attention to the local storage location so that this data is saved in the correct folder.

Always use device protection (pattern, PIN), if you do not have this, there is a risk that unauthorised persons will be able to access your edupression® account more easily, as a security hurdle is removed.

Take particular care when working on other people’s devices.

If possible, do not use edupression.com® in Internet cafés or similar places.

When using the browser, please note the other installed plug-ins.

As a user in the account, you can cancel your active session with edupression® at any time by simply logging out (Menu > Logout).

After use, log out of the applications and delete the history or all downloaded documents. Empty the recycle bin as well.

Note updates

If possible, always carry out updates (operating system, browser, app…).

Install a common security suite

Install and activate common antivirus programs, e.g. MS Defender integrated in Windows.

Only use the operating system on devices with accounts without admin authorisation, e.g. in Windows.

With regard to operating systems, only use standard, commercially available and tested operating systems such as Windows, Android or iOS. It could pose a high security risk if you use other than common operating systems or rooted smartphones.

Only use your device with device security (biometrics, PIN, pattern, etc.) and with a standard keyboard. Otherwise, this may pose a high security risk to your edupression® account and the health data it contains.

Information on the use of libraries and third-party software in accordance with BSI TR-031061 can be found in the account under Profile > Data protection under Security information

Status: May 05, 2026