BoilerKey required for Purdue website CAS authentication, including benefits open enrollment

Screenshot of the CAS portal that on Oct. 30 will require BoilerKey, Purdue's version of two-factor authentication. Screenshot of CAS portal where BoilerKey will be required on Oct. 30.

At 5:30 p.m. tomorrow, Tuesday, Oct. 30, all faculty, staff and students must use BoilerKey, Purdue’s version of two-factor authentication, to sign in to CAS-authenticated webpages, such as myPurdue, Blackboard, Kronos, Ariba and Concur.

Faculty and staff also will need BoilerKey to access the benefits enrollment portal, known as Benefitsfocus.

Likewise, students will need BoilerKey to be able to register for classes.

After the Oct. 30 deadline, everyone with a BoilerKey will be required to use it and those without will be unable to log in. The employee portal, Purdue’s virtual private network (VPN) and all CAS-authenticated pages will automatically require BoilerKey to create a more secure environment for university and personal data. Two-factor authentication is like a second line of defense for cybercriminals looking to scam someone out of their credentials.

BoilerKey adds an additional layer of security when logging in. It’s a step above traditional passwords, because not only must users remember something (a PIN or password), but they must also physically possess something that confirms their identity, either a smartphone with an app or a hard token, such as a key fob, both available in BoilerKey’s case.

If you already have BoilerKey, you will begin using it on CAS-authenticated pages tomorrow, Oct. 30. If you do not yet have a BoilerKey, go to to sign up today. 

For BoilerKey assistance:  

Writer: Kirsten Gibson, technology writer, Information Technology at Purdue, 765-494-8190,

Last updated: October 24, 2018