Support FAQs
User Support
Support for eduroam is provided by your home institution (e.g., your university). Therefore, you need to contact your organization's helpdesk for assistance in configuring your mobile devices (such as laptops or smartphones).
Forgotten Password
We're sorry you forgot your password. Eduroam credentials are managed by the same institution that generated your account (e.g., your university).
Contact your home institution's helpdesk to have your password changed or reset.
I Need an eduroam Account
Eduroam credentials are issued by education and research institutions participating in the service. If your institution does not support eduroam, contact your organization's IT department to convince them to join eduroam! Here is the list of participating institutions:
https://www.servizi.garr.it/eduroam/utenti/istituti-aderenti
Device Configuration Guide
You need to contact your home institution's helpdesk for assistance. Many organizations provide automatic eduroam configuration through eduroam CAT. Check if your institution is listed among those available.
Institutional Support
Institutions wishing to connect to eduroam and offer access to their staff, students, and researchers can apply by following this procedure. For any information requests, please write to this address: eduroam [at] garr.it.
SECURITY FAQs
Is eduroam Safe to Use?
eduroam is based on the most secure encryption and authentication standards currently in force.
Its security far exceeds that of typical commercial hotspots.
eduroam requires the use of 802.1x which provides end-to-end encryption to ensure that your private credentials are available only to your home institution (e.g., the university). What really matters is the certificate used by your home institution, regardless of who manages the infrastructure.
Please note, however, that when browsing the Internet by connecting from an eduroam hotspot, the local security measures of that hotspot will also apply to you. For example, firewall settings at the visited location may differ from those of your organization and, as a guest, you may have access to a reduced number of services.
Does eduroam Use a Web Portal for Authentication?
NO
Web portal-based authentication mechanisms (Web Portal, Captive Portal, or Splash-Screen) are not considered secure for eduroam, even if the website is protected by a secure HTTPS connection.
What Happens If a Web Page Requests My Username or Password?
eduroam will never display a web page requesting your username and/or password. This is a sign that someone is attempting to steal your password: do not use any network that asks you for this type of information; in fact, we encourage you to report it to us at this address: eduroam [at] garr.it.
I've Heard That, Under Certain Circumstances, My University Credentials Can Be Stolen by Attackers. What Is This About?
The security model in eduroam is the result of a well-researched study. Your credentials are well protected as long as your device is configured correctly; in this case, any type of authentication used in eduroam (PEAP, TTLS-PAP, EAP-TLS) will be secure.
Your eduroam Identity Provider (e.g., your university) provides you with installation instructions that allow for correct and secure configuration - the most critical part is configuring the device to trust a specific certificate authority (CA) and the Identity Provider's server name.
Many eduroam Identity Providers offer installers or configuration files that allow you to configure your device securely with a simple process in just a few clicks. One of these is eduroam CAT and the geteduroam app - check if your institution is among those listed.
Use the installers and/or configuration instructions provided by your eduroam Identity Provider to be safe from attacks.
If you don't follow the configuration instructions, or in the unlikely event that your eduroam Identity Provider doesn't provide them, the account data you use to access eduroam is at risk of a Man-in-the-Middle attack. For eduroam Identity Providers, not providing sufficient configuration instructions is contrary to the eduroam participation policy, which is why we welcome reports of such cases at this address: eduroam [at] garr.it.
We want to clarify that this type of problem is not specific to eduroam: any wireless network with Enterprise-type authentication, in fact, is in the same condition.
Close
