The CU Key mobile app has been developed for the purpose of increasing the security of CAS user accounts.

It is simple, reliable way to verify your identity while accessing university services.

It provides a modern means of two-factor authentication which significantly enhances the security of university systems which require CAS login.

The CU Key mobile app represents an important step towards increased cyber security and data protection for the academic community.

1.Visit website ldap.cuni.cz/mfa and log in.

• Select "Mobile phone application" among the available options:

  
  

  

  
  

• Choose a QR code based on your mobile phone operation system and scan it to download the app.

  
  

  

  
  

2. Open the CU Key mobile app

• Enable notifications

  
  

• Click on the "Login" button and enter your username and password to CAS

  
  

  

  

  
  

• Create a PIN code for unlocking the app

  
  

  

  

  
  

• You will see "Renewal codes" for account renewal.

  
  

  Please write down these codes on a different device so you can use them in the event of loss or theft of your mobile phone.

  
  

  You may also enable biometric authentication, e.g. fingerprint or FaceID, if you use it on your device.

  
  

  

  
  
  

  

  
  

3. If the registration was successful, the date and time will be shown for the selected method.

You can now click on the "Turn on" button to start the verification with the second factor.

• After clicking the Mobile phone application option, you can check the emergency scratch codes again via the "Show scratch codes" button.

  Please note that each code can be used only once.

  
  

  

• The Export button allows you to transfer data to a third-party TOTP (time-limited one-time password) application.

  
  

  

  
  

  After loading the QR code, your phone will prompt you to select the application (Google Authenticator, Microsoft Authenticator, FreeOTP, etc.) that you have installed. More information >

4. Visit website that requires CAS login and two-factor authentication, e.g. servicedesk.cuni.cz and log in.

Select a method for the second verification factor:

• You will receive notification on your mobile phone about a new request for authentication. Access the app using PIN code or biometrics and confirm the request.

  
  

  

  

  
  

The Remember Device window appears. This setting is used to make Two-Factor Authentication remember the browser on your device from which you are logging in.

• Corporate or personal computer: Choose Remember – you will not be prompted for authentication for another 14 days.

• Public device (e.g. classroom, internet cafe): Choose Skip.

Note: Authentication may be required earlier (e.g. for forced account authentication or after browser update).

In addition to the CU Key mobile app, we recommend setting up a backup two-factor authentication method.