- SPONSOR(S): Paul Rivers
- DEPT OR DIVISION: ITS Security and Identity Management
- PROJECT OWNER: Celeste Copeland & Alex Everett
- PROJECT MANAGER: Bianca Bonds
- CHANGE MANAGER: Jackie Treschl
- STATUS: Completed
- Project Theme: Serving Our Communities
What is it?
UNC-Chapel Hill is moving toward passwordless logins with a new option called Carolina Key. When you use Carolina Key, you will be using your device’s built-in security features, such as facial and fingerprint recognition. You can also set up a PIN. Carolina Key, used with your Onyen, streamlines single sign-on by eliminating the need for a password and two-step verification, while enhancing University digital security. Carolina Key works with all web-based applications that use the Single-Sign On (SSO) process like Sakai, Canvas, TIM, and ConnectCarolina.
Why are we doing it?
Carolina Key helps the University in its fight against the ever-increasing number of phishing attempts and cyberattacks that Carolina faces daily. Passwords are the weakest point in digital security because scammers craft emails and login pages designed to get users to enter their password and approve two-step notifications. Once they have access to passwords, they are often duplicated, sold, and traded worldwide. Carolina Key will help the University move toward a more secure, passwordless future.
How does this impact our UNC community?
Carolina Key is available to all students, faculty, and staff. However, University-managed devices may need additional permissions turned on by local IT staff.
When is this happening?
Phase 4 – Carolina Key is now available for all students, faculty, and staff. ITS is currently working on a campaign to encourage adoption this summer and the beginning of the fall semester.
Phase 3 – Released to employees. ITS launched Carolina Key for ITS employees in early 2023. ITS enabled faculty and staff to register for Carolina Key. Completed April 2023.
Phase 2 – Incorporated feedback from the pilot and enabled students (including employees who are students) to register for Carolina Key. Completed November 2022.
Phase 1 – Conducted a small pilot of Carolina Key with IT staff across campus and gather feedback. Feedback included: improving the user interface, bypassing 2-Step Verification, and supporting legacy browsers for critical applications. Completed December 2021.
Where can I find more information?
Promoting Carolina Key
ITS is kicking off a communications campaign to encourage faculty, staff, and students to adopt Carolina Key this month.
In the next several weeks we’ll be:
- sending a formal notice to all faculty and staff the week of July 17th letting them know that they can register for Carolina Key.
- asking our partners across campus to share information about Carolina Key with their departments.
- encouraging students to sign up for Carolina Key as an alternative to using passwords and 2-Step Verification.
Help Spread the Word:
- Carolina Key provides a faster and more secure way to login to many web-based University systems that use SSO by replacing passwords with a device specific passkey.
- Using Carolina Key eliminates the need for 2-Step Verification through Duo.
- Using Carolina Key increases information security for all of us – register your device today and encourage others to as well.