Skip to main content

Cornell University

IT@Cornell

Essential Tips to Keep Your Accounts Secure

This article applies to: National Cybersecurity Awareness Month

Thanks to technology, your personal and financial information are accessible to you from anywhere that the internet is available. This is convenient, but it also comes with risk. If all you need to access your account is “hello123,” then it will be easy for anyone else with an interest in your information to gain access as well. Don’t let a weak password be all that stands between your information and a cybercriminal. 

 

Your first line of defense is a strong password. 

Everyone knows that skimping on strong passwords will leave your accounts vulnerable to hackers. But did you know that some devices can be protected by a password that’s nearly impossible to duplicate? Secure your accounts with better, faster, stronger passwords by setting up biometrics. If your devices aren’t compatible with biometrics, you can create strong passwords without having to remember them by relying on a password manager app.

 

Don’t forget to set up a recovery email address for your NetID. If your Cornell NetID account is ever locked, you can quickly and easily get back in by registering a non-Cornell email address.

More authentication is more secure. 

Multifactor authentication is one of the best security tools available to you. In fact, Duo is a required layer of security for many Cornell sites and services. If a cybercriminal has stolen your password through hacking, or a widespread security breach, multifactor authentication will be the reason that your personal data stays protected. 

 

If you’re worried about how you’ll get into your accounts if your phone breaks, you’re not getting service, or you get a new device, you can add alternate Duo devices to your account.

 

Use the IT Security checkup to make sure you’re protecting personal and professional data as best as you can.

Passkeys are a secure alternative to multifactor authentication.

Passkey login is currently the gold standard for account security, without relying on a password. A passkey uses a complex set of formulas to generate an extremely strong, and unique, key on your device. 

 

For faculty and staff at Cornell, Secure Connect allows you to use a passkey when you use CUWebLogin. Using your fingerprint or your face as a two-step login tool (instead of Duo), drastically reduces the chances of your account getting hacked. A criminal might be able to guess your password and trick you with duo push fatigue, but they can’t easily imitate your unique fingerprint or smile! 

 

If you want to understand how TouchID and Windows Hello work, read about Biometrics and Your Privacy. The short version is that biometric data is converted into a complex formula and stored on your device. It can’t be stolen to recreate or impersonate you in any way.

Comments?

To share feedback about this page or request support, log in with your NetID

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.