If the Security Office Locks Your Account After Detecting It's Compromised
If the IT Security Office determines that your password has been compromised, your account will be locked to stop further abuse. You will need to either
- Answer questions online using a Knowledge-Based Authentication (KBA) system, or
- Contact the IT Service Desk to reset your password.
The Knowledge-Based Authentication (KBA) tool is hosted through the NetID Activation page. You may be familiar with KBA if you've ever interacted with a system that asks you to verify your identity by choosing from a list of addresses where you've lived or other interactions of yours that are recorded in public-record sources. At no point are any of the questions or answers from the account-recovery process stored in Cornell systems.
If you know your account has been locked due to apparent compromise and want to use KBA to unlock it, you can do so through NetID Activation. (If your account is not locked for this reason, the KBA won't be shown.)
If you are enrolled in Two-Step Login, after answering the KBA security questions you will also be required to authenticate using Two-Step Login.
IT Service Desk
To request a password reset through the IT Service Desk, you must visit in person or schedule a video chat. You will need to provide proof of identity—your Cornell ID card or your valid government-issued photo ID card, such as a driver's license or passport.
Check Your Cornell Personal Information
If your NetID was used to send out spam, there are two places to check whether your email settings have been altered:
- Log into your email account (Outlook on the Web or Cmail) to see if your signature has been changed by someone using your stolen account.
- You should also review your mail routing preferences in Who I Am. Sometimes the spammer will change where email addressed to you is being sent.
- Log into Who I Am.
- Go to the Electronic Mail tab.
- Check for new or different entries in the box where you can list other addresses besides your default postoffice account.
You should also see whether any of your personal information has been changed in such places as: