Skip to main content

UNC-Chapel Hill is moving towards passwordless logins! When used along with your Onyen, Carolina Key eliminates the need to use your password with many of the University’s systems.

How Does it Work?

When you use a Carolina Key, you’ll be able to skip entering your password because you’ve set up a device-specific authentication method.  In other words, the authentication methods you set up become your “Carolina Keys” for that device.  Some authentication methods are as easy as entering a four-digit PIN, while others take advantage of your devices built-in security measures, like facial recognition or fingerprint scanning. You can also use authentication methods that require a physical security key, like a YubiKey or FIDO2 (fast identity online) key.  To read a knowledge article from the UNC Service Desk, visit the Carolina Key knowledge article page.

You’ll register each of your devices with Carolina Key and set authentication methods specifically for each device. The options are different depending on the type of device you’re using and what it’s capable of. For more information on each authentication method, see the “Device-Specific Info” menu option above.

Carolina Key works with all UNC web-based applications that use the single sign-on (SSO) process like Sakai, Canvas, ConnectCarolina, and TIM. Microsoft products use a different sign-on process, therefore you will not see a Carolina Key sign-in option for Heelmail.


  • Stronger protection—it may not be as convenient as using a stored password, but using Carolina Key provides stronger protection against phishing and other vulnerabilities.
  • Reduces the need to manually enter complicated passwords

When am I Eligible for Carolina Key?

Students can begin registering devices for Carolina Key on November 3, 2022. Carolina Key options will be available for faculty and staff in 2023. If you’re using a Windows-based device, you’ll need to set up Windows Hello before you can register for Carolina Key.