Early-Access Wi-Fi Networks
CU Secure and CU Guest Wi-Fi are now live in select early-access buildings and will expand to the rest of campus over winter break. Learn more.
Overview
The CU Secure Wi-Fi network is designed to provide the most secure and stable Wi-Fi connection for CU Boulder faculty, staff and students.
It uses the most advanced encryption and authentication standards available, and once a device is registered on the network, it will connect to CU Secure Wi-Fi seamlessly for two years before asking you to re-register.
Note: Graduate and family housing apartments use Comcast internet services, not campus Wi-Fi. For details, see the Network and Internet Services page.
Features
- Enterprise-grade, end-to-end encryption
- Two years of password-free Wi-Fi connections
- Seamless handling of Private Wi-Fi Address rotation
- Unlimited number of devices per person
- Expanded IT support tools
- Access to internal campus resources (e.g., protected services and servers)
To compare CU Secure's features with CU Guest, eduroam or your data plan, see the "Choosing the Right Network" FAQ section.
Cost
CU Secure Wi-Fi is provided as a common good to the campus, which means there is no direct cost to anyone.
Who Can Get It
Anyone with an IdentiKey can register their device and connect to CU Secure when in range.
At this time, CU Secure is only available in a handful of early-access buildings. In late December 2025, UCB Wireless will go offline and be permanently replaced by CU Secure across campus.
How to Get It
To access CU Secure Wi-Fi, your device must be actively registered on the network.
Secure Computing Devices (No Action Needed)
If your university-owned device is enrolled in Secure Computing, do not install the CU Secure certificate manually. Secure Computing devices should connect to CU Secure automatically whenever they're in range. (Learn how to identify a Secure Computing device.)
If your Secure Computing device doesn't connect automatically, please refer to the CU Secure Wi-Fi - Troubleshooting page.
Personal & non-Secure Computing Devices (Action Needed: Register Your Device)
To connect the following types of devices to CU Secure Wi-Fi, you'll need to register them manually:
- Personally owned laptops, smartphones and tablets
- University-owned devices that are not enrolled in the Secure Computing framework (learn how to identify a Secure Computing device)
Next Steps
First, make sure you've set up Microsoft MFA on your IdentiKey account, as you'll need to log in to Microsoft with your IdentiKey credentials in order to download and install the certificate.
To install the CU Secure certificate on your device, follow along with these step-by-step instructions:
If the certificate installs successfully, you'll receive an email from notifications@securew2.com with the subject "You've Registered a Device on CU Secure Wi-Fi."
Tips & Troubleshooting
If you have any difficulties, visit our CU Secure Wi-Fi - Troubleshooting page for solutions to a wide range of issues.
For the smoothest Wi-Fi experience, turn off auto-connect for the other campus Wi-Fi networks after installing the CU Secure certificate.
Business-Critical Specialty Devices (Action Needed for New Devices Only)
These include wireless point-of-sale devices (e.g., Square, Clover), QR code scanners, smart refrigerators, and most other screenless Wi-Fi devices that perform business-critical functions.
- Existing devices currently registered on UCB Wireless: In early Oct. 2025, OIT will copy the Wi-Fi MAC addresses of the business-critical devices currently registered on UCB Wireless over to CU Secure. After the migration, those devices should connect to CU Secure automatically when in range. If your device doesn't connect, try toggling its Wi-Fi off and on.
- New devices: To add a new business-critical Wi-Fi device to the network, submit a request to the IT Service Center and include the device's Wi-Fi MAC address. (For help finding the Wi-Fi MAC address, refer to Wireless Internet - Help).
Note: Personal consumer devices (e.g., gaming consoles, smart TVs) cannot be registered on CU Secure. Instead, users should self-enroll those devices on CU Guest.
Re-enroll Your Device
Personal and non-Secure Computing devices remain registered on CU Secure for two years. You'll receive an email notification one month before the device's registration expires with instructions on how to re-enroll it for another two years.
Terms & Conditions
The following agreement is published on the CU Secure certificate download page (short link: buff.link/downloadwifi):
By accessing and using this system, you become subject to University of Colorado policies and regulations (regardless of your affiliation). For more information regarding your responsibilities with respect to IT resources, see Administrative Policy Statement 6005 and terms and conditions.
