Around Campus

3 reasons to go passwordless with Carolina Key

Passwordless logins work by swapping your insecure and easily lost password with strong device-based authentication called a passkey.

The Old Well
(Jon Gardiner/UNC-Chapel Hill)

Make logging into your UNC Systems easier. Registering your device with Carolina Key will allow you to skip typing your password and still have fast and secure logins to many UNC-Chapel Hill systems, including ConnectCarolina, Canvas and more.

Carolina Key is Carolina’s latest innovation in the fight against hackers who want to steal your — and the University’s — data. Historically, making your account secure has meant ever-changing tactics like requiring long and complex passwords and using 2-Step Verification. These strategies do make it harder for bad actors to get in, but they also make it more difficult for you to access your own account.

Carolina Key is additional security that’s easier for you, but harder for hackers. Not only is Carolina Key fast and secure, registering is quick, too.

Carolina Key isn’t available with every Carolina system. Right now, Carolina Key works on web-based services that use Single Sign-On, which means you will still need your password for Microsoft logins and a few other services across campus.

1. Passkeys are fast

Carolina Key swaps your insecure and easily lost password with strong device-based authentication called a passkey.

Passkeys are cryptographic tokens you store on devices like smartphones, smartwatches, laptops and tablets. Using either a PIN, physical security key, or the built-in biometric sensors on your device, like facial recognition or fingerprint scanning, you quickly unlock and send your passkey to the requesting site.

With Carolina Key, instead of Onyen and password, it’s Onyen and passkey. And since those passkeys are things like facial recognition or a short PIN, they are faster than typing a password.

2. Carolina Key is secure and private

With passkeys, you store your login credentials on your device. They’re never sent to the site you’re logging in to. This means hackers can’t steal them off a server or intercept them in transit. You are more in control of your own credentials because they’re literally in your hands.

Passkeys like Carolina Key are virtually impervious to phishing attacks. Phishers try to steal passwords, but when we use passwordless logins and passkeys, there are no passwords to steal. We shut out hackers because our devices are our logins.

In addition, Carolina Key keeps your login data private. Your biometric data is stored in your device and never transmitted to UNC. In fact, your device just tells Carolina Key that you’ve authenticated. It doesn’t even share what method you used.

3. Registering is quick

It just takes a few minutes to register your device and then you’re on your way to fast and secure passwordless logins.

Your authentication method options will vary by device and web browser. You can learn more about which methods Carolina Key supports per operating system and compare which methods are available on your device.

If you’re using devices in the same ecosystem, they can all sync without you having to register each one. So, if you have a Mac laptop, an iPhone and an iPad, you’ll register once and be able to use each device as one of your Carolina Keys.

Read the full story at UNC ITS.