What is HarvardKey?

HarvardKey is a new, unified credential for accessing Harvard applications and services that will be rolled out starting in Fall 2015 as a replacement for the Harvard Authentication ("PIN") System. Benefits of HarvardKey will include easy, secure access to sites across the Harvard Community, as well as a convenient self-service portal for common onboarding and user management activities.

As rollout progresses, look for updates on when you'll be able to use HarvardKey on the main Harvard Authentication System login screen, or visit iam.harvard.edu/harvardkey for the latest news.

What is the Harvard Authentication System?

Harvard University's authentication system is used by multiple Harvard-affiliated websites and web applications to provide a secure means for Harvard users to access online resources. One of the benefits of this system is that it allows you to access many different systems using a single ID and password.

Are my PIN and my password the same thing?

Yes. Because Harvard's authentication system originally used a "short PIN" instead of a true password or passphrase, you may occasionally hear people say "PIN" when referring to the password/passphrase now used in conjunction with your HUID number or other login type. A password may take different forms, such as a random group of characters, a memorable but not plain-English string of letters and numbers, or even an entire phrase.

Why is there a website for the Harvard Authentication System?

The Harvard Authentication System website exists to provide information about how to create and manage passwords and credentials, basic advice about Internet security, and resources for website developers wishing to use the authentication system for authentication in their sites or applications. The website is also where you go to request a new password or change your existing one.

Why do I need a username and password for Harvard's authentication system?

Many online resources within the Harvard community require verification of your identity before granting you access. By supplying a login ID and a password that match, you can verify, or authenticate, your identity. To reduce the number of login IDs and passwords that users need to remember, many Harvard systems use the Harvard Authentication System to authenticate users.

Who is eligible for access to Harvard-protected resources?

The following people associated with the Harvard University community are eligible to request a access to Harvard-protected resources:

  • Faculty
  • Staff
  • Students and class participants who have been issued Harvard ID numbers
  • Harvard retirees
  • Harvard University affiliates (contractors, consultants, etc. who have been issued Harvard ID numbers)
  • Library special borrowers

Will my login credentials automatically expire when I leave Harvard?

Your login credentials will not automatically expire when you leave Harvard. However, after you leave, if you forget your password and/or get locked out of your account, it may be difficult to obtain a new password. Harvard University does not always maintain address and email records of individuals who leave. Because personal contact information quickly becomes outdated, to continue using Harvard-protected resources after you leave, make sure that your contact information is up to date before you go.

What are the authentication system's terms of use?

The Harvard University authentication system, and the systems, data, and other resources that require authentication for access, are only for legitimate Harvard University users. Use may be monitored, and improper use of the system or those resources may result in disciplinary action and civil and criminal charges.

You may also wish to view the privacy policy for websites related to the Harvard Authentication System.

When should I request a new password?

You should request a new password when:

  • You are a new user and have a Harvard University ID (HUID) number
  • You have forgotten your current password
  • There is any danger that your password has been stolen or otherwise compromised
  • Your password has expired
  • You are locked out and are not certain if you actually remember your password