Skip to main content

Carolina Key is a passwordless technology that provides a more secure and convenient way to access University websites like Sakai and ConnectCarolina using your mobile phone or personal laptop. Carolina Key is a two-step technology that provides strong two-factor authentication to Carolina websites without relying on either a password or DUO. It is built on the same web-based authentication technology that has been adopted by companies such as Google, Apple, and Microsoft. The underlying technology, “public-key cryptography,” is more resistant to many of the phishing attacks that have impacted students, faculty, and staff. Carolina Key allows you to log on and access the services and data you frequently use with just a glance at your phone, a touch to your fingerprint reader, or typing in your device PIN on your tablet.

Not yet. Faculty and staff will become eligible in mid-to-late 2023 at the discretion of their department.

Nope. You’ll still use your UNC password for some systems including Heelmail and Virtual Lab.

Yes, Carolina Key is optional. You can still use your password if you want to.

An authentication method is the way you authenticate your login. The device you are working from determines the authentication methods that are available to you. To see accepted devices and their authentication method companions, see the Device-Specific Info section on the home page.

No. The University does not send, capture or store your biometric data.

At this time UNC doesn’t provide authentication devices such as security keys.

There are a few reasons why a Windows Hello PIN is more secure than a password. One main reason is that the PIN just works differently than a password.  The PIN is tied to the specific device it was set up on.  That means if some steals your PIN, they would also have to steal your device, whereas a password can be used from anywhere and is not specific to a device. For more information, visit Why a PIN is Better than a Password.

It lasts a year at which time you will be asked to renew your authentication method.

No problem! You can still use your UNC password.

Yes, each device you use should be registered separately with Carolina Key. However, in the future, we expect technology companies will allow for a synchronization of the protected cryptographic data between a set of your devices.

Not yet.

While Carolina Key is much more secure than a password, there are some new and different threats. Thieves are increasingly interested in what your device has access to, so make sure you’re careful when entering your device PIN around others or leaving your device unlocked in a public setting. If your device is stolen, be sure to make a police report and consider your passwords and Carolina Key at risk. Lastly if you use PassKey, make sure to use a strong password and multi-factor authentication to protect your iCloud or Google account. 

Passkey technology allows you to use your Carolina Key across multiple devices that are on the same cloud account. Although Carolina Key is  meant to be device specific, once you’ve registered a device that is on a shared cloud account, your Carolina Key will work for all devices that are attached to that cloud account. However, you will only see the device that you registered in your list of Carolina Keys.

Passkey technology allows you to use your Carolina Key across multiple devices that are on the same cloud account. You likely registered another device connected to a shared cloud account and not your iPhone. You only see the actual device you registered in your list of Carolina Keys.