2-Step Verification

Service Description

Traditionally, logging in (known as "authenticating") required only a username and password (one step). Two-step verification provides additional security by requiring a second step--something that you have, such as a phone--in order to log in.

  • Two-step verification is required of all ITS systems administrators as well as ConnectCarolina users who access University-owned sensitive information.
  • In addition, two-step verification is required to access financial information (e.g. W-2 forms) of current and former employees.

The two-step verification application used at UNC Chapel Hill is DuoSecurity.


Current users include faculty, staff, and affiliates including guest IDs for former employees.

Service Provisioning

Users register for the service via the Onyen management page https://itsapps.unc.edu/improv/.

  • To register for the service via the Onyen Management page, users will need to know their Onyen, Onyen password, date of birth, and last four digits of their SSN. This information is used to validate the individual’s affiliation with the University. None of this data is passed outside of the Onyen management system.

System administrators seeking to add two-step verification to a service should contact the Service Desk.

Supported Environment/Services

To register, users will need access to a computer and one of the following:

  • personally owned smartphone or cell phone
  • tablets (e.g. iPad)
  • hardware token - Duo tokens can be purchased by a department from Software Acquisition, current cost is $21.00 per token. We ask that you only purchase a Duo token if you do not have a smart phone or if you will be traveling outside of the country.
  • landline

After registering, a computer is not required.

This service is provided at no cost to customers.