Alumni Should Update Passwords as Cornell Retires MIT Kerberos
Cornell is retiring one of its login authentication methods. Here are some details about what you need to do to keep logging in to Cornell's online resources.
During 2018, Cornell will be retiring one of its login authentication methods, MIT Kerberos. If you infrequently visit Cornell websites requring login, you should take a moment now to update your password. This will help you avoid the possibility of getting an error during a future login to Cornell resources.
In particular, if you haven’t changed your password since 2007, we’re asking that you change your password now.
In 1995, Cornell began creating NetIDs as a way for community members to access computer networks using a single login. This allowed users to work across many systems without needing a separate login process for each. To accomplish this, Cornell implemented MIT Kerberos, which served as our primary tool for login security.
In 2007, Cornell additionally implemented Microsoft’s Active Directory, whose features also include support for single login in a way similar to MIT Kerberos. Since then, each time someone sets or changes a password, the new password has been included in both Active Directory and MIT Kerberos. If you have been using Cornell’s Microsoft Outlook or SharePoint services since 2007, you are already logging in using Active Directory.
To avoid duplication of services, we are planning to retire MIT Kerberos and rely solely on Active Directory. While accomplishing this technically is not difficult, we have identified users who have not set or changed their password since we implemented Active Directory. This means their current password is stored only in MIT Kerberos.
Because one of the features of a good security system is that even administrators cannot read a user’s password, we do not have the ability to automatically copy passwords from MIT Kerberos to Active Directory. The only way to get your password into Active Directory is for you to set it.
How to Update Your Password
Go to the Manage Your NetID webpage and click the link Change Your Password to start the process. Follow the instructions on that page.
Once you have done this, your new password will be saved in the current security system and you’ll be all set.
Creating a strong password is very important to keep your data and the University’s online resources safe. The information on the page Do you have a strong password? explains the password guidelines. It also lets you try out various possibilities for your new password before you actually make the change.
If you have any difficulty changing your password or logging in afterward, you should contact the IT Service Desk for assistance.