Skip to main content

If the Security Office Locks Your Account After Detecting It's Compromised

This article applies to: NetIDs, Security & Policy

If the IT Security Office determines that your password has been compromised, your account will be locked to stop further abuse. You will need to either

  • Contact the IT Service Desk to reset your password, or
  • If you are an alumnus/a who has no other relationship with Cornell (such as faculty or staff), answer questions online using a Knowledge-Based Authentication (KBA) system.

IT Service Desk

To request a password reset through the IT Service Desk, you must visit in person or schedule a video chat. You will need to provide proof of identity—your Cornell ID card or your valid government-issued photo ID card, such as a driver's license or passport.

How to contact the IT Service Desk.

Knowledge-Based Authentication

The Knowledge-Based Authentication (KBA) tool is hosted through the NetID Activation page. You may be familiar with KBA if you've ever interacted with a system that asks you to verify your identity by choosing from a list of addresses where you've lived or other interactions of yours that are recorded in public-record sources. At no point are any of the questions or answers from the account-recovery process stored in Cornell systems.

If you are an alumnus/a with no other affiliation with the university (such as faculty or staff) and know your account has been locked due to apparent compromise and want to use KBA to unlock it, you can do so through NetID Activation. (If your account is not locked for this reason, the KBA won't be shown.)

If you are enrolled in Two-Step Login, after answering the KBA security questions you will also be required to authenticate using Two-Step Login.

Check Your Cornell Personal Information

If your NetID was used to send out spam, there are two places to check whether your email settings have been altered:

  • Log into your email account (Outlook on the Web or Cmail) to see if your signature has been changed by someone using your stolen account.
  • You should also review your mail routing preferences in Who I Am. Sometimes the spammer will change where email addressed to you is being sent.
  1. Log into Who I Am.
  2. Go to the Electronic Mail tab.
  3. Check for new or different entries in the box where you can list other addresses besides your default postoffice account.

You should also see whether any of your personal information has been changed in such places as:

About this Article

Last updated: 

Tuesday, July 7, 2020 - 10:45am

Was this page helpful?

Your feedback helps improve the site.