Skip to main content

What the Central Authentication System is?

Central Authentication System allows for an unified logon using always the same credentials on the widest possible range of resources shared by university, including:

  • websites and web applications, like USOSweb or employee services;
  • university-issued desktop and mobile computers;
  • all other possible infrastructure, e.g. WiFi networks or external services.

CAS provides greater comfort and security for our users and services:

  • providing the unified and plain user interface that offers the ease of recognition and handling;
  • removing the necessity to create multiple accounts with independent passwords, allowing work with a single password that is always safe;
  • reducing the password visibility to a minimized number of applications.

Logon security tips

When entering your credentials to the Central Authentication System, always remember to verify the website identity!

In the vast majority of cases, the CSU website will always provide the same look and characteristic features:

  • Logon website address:
  • The website is secure and encrypted (padlock emblem), and the website adress begins with https://

Despite our strenuous efforts, some services cannot be completely integrated with the CAS service. Below is a list of exception websites that you can safely enter your password on:

If you find any website that ask for your password and presents itself as a UKSW website, but:

  • your browser warns you that the website is not protected or protected by an insecure or inproper certificate, or
  • the website address does begin with http:// (without S), or
  • the website address does not contain and has not been listed above

do not enter your password on such website and notify the IT Systems Center about it's existence!

Identifier related rules

Your identifier will be assigned once during the registration of your first account. The identifier template will vary depending on the user role you hold during the account creation - you will find more details in the table at the end of this article.

In selected cases and systems, we may ask you provide your identifier in a special form, especially:

  • by adding the university domain to your identifier:
    • this applies primarily to services shared by many organizations, e.g. Eduroam wireless network or Office 365 - the domain of the university helps the service provider to correctly identify the user's source.
  • by prepending the identifier with the speciall ActiveDirectory domain prefix: DOMENA\identifier
    • this applies primarily to selected Microsoft services that are not completely compatible with the CAS system.

Unless the specific logon panel indicates otherwise, supply only the base identifier as your username.

Due to technical reasons, the identifier does never change, neither when the character of the relationship between the user and the university changes (e.g. due to the employment of a former student) nor upon the change of personal data  (e.g. change of surname)!

Password related rules

Once we create your account, you will receive an SMS message with a one-time password allowing you to login for the first time.

Prepare yourself - upon first logon, you will be asked for the new password, and our special hint system will help you to choose a password that meets the necessary requirements regarding its complexity.

⚠️ Never use the UKSW-set password on other, UKSW-independent systems!

Sharing the same password among many service providers significantly increases the risk of password leak - the more places the password is stored, the more chance that one of these places will get attacked and your password disclosed.

In each such case, you will absolutely need to change your password on each system that you have used it. Using different passwords for different services limits the troubles generated by such attack by minimizing the amount of services in which your password will need to be changed.

If you forget your password - or if the initial SMS message never reached you - you can always reset your password using one of the two channels:

  • reset based on SMS verification - available to all users;
  • reset based on e-mail verification - available to students and selected employee groups.

Password reset necessitates your personal data (phone number or e-mail address ) to always be up to date. Remember to notify the relevant university units when your contact data changes. If you need to reset your password, but your contact data is no longer valid, you must contact the relevant university unit (check the list in the later part of this article).

Identifier validity period

The identifier validity period depends on the user status:

  • Students and PhD's
    • account is activated by the deans office upon entering all necessary information into the USOS system,
    • account is expired in 60 days upon the last day of the last settled academic year, the additional time giving time to fulfill the obligations required upon ending the university course.
  • Course attendees
    • account is activated by the deans office or other unit responsible for the course. upon entering all necessary information into the USOS system,
    • the account expires within 60 days of the end of the course.
  • Academic employees
    • account is activated automatically on the date indicated in the contract, upon the contract being first registerd by the HR department,
    • the account expires 30 days after the contract expires.
  • Other employees
    • account is activated automatically on the date indicated in the contract, upon the contract being first registerd by the HR department,
    • account is expired exactly on the contract expiration date.

Data correction and other problems

In case of any problems related to the correctness of account data, please contact the following university units:

  • Students, PhD's, course attendees etc.
    • deans office relevant to your faculty or organizing the course
  • Full-time employees
    • HR office
  • Other employees
    • HR office, deans office or the manager of your department

What's the form of user identifier?

User groupsIdentifier formatExample
Employeesn.surname / name.surnamej.nowak
(student id number)
PhD studentsD-#####D-12345
Attendees ofpost-doc coursesP-#####P-12345
Open University coursesOU-#####OU-12345
other coursesKRS-#####KRS-12345
MOST and SOCRATES programmesS-#####S-12345