Starting January 12, 2021, Two-Step Login for Office 365 will be required for all Cornell administrative staff. This is part of the university’s ongoing initiative to improve the data security for email, calendars, contacts, and other shared Office resources.

Previously, Two-Step Login for Office 365 was implemented for staff in CIT and other units under the Executive Vice President and CFO. After January 12, nearly all campus non-academic staff will be required to use Two-Factor Login for Office 365.

When Two-Step Login for Office 365 has been enabled on an account, if criminals manage to steal a NetID password, they will be unable to hijack the email account or access sensitive content stored in it.

How Will This Change Affect Users?

Most Cornell email users make the transition to Two-Step Login protection for Office 365 without any issues.

Most staff are already familiar with Two-Step Login from accessing a range of online campus resources such as Workday or PeopleSoft. Two-Step Login protection for Office 365 login is a very similar process. For general information about the coming implementation, review Before You Start Using Two-Step Login with Office 365.

Two-Step Login does not increase how often a user needs to log in to Office 365. The first time someone logs in after Two-Step has been enabled, they will authenticate with Two-Step using one of the methods chosen at sign-up – for example, a phone call, smartphone app notification, passcode, or USB device. After this, Office 365 will remember the user’s login as long as they use an Office 365 online service at least once every 30 days.

Users who have already voluntarily opted in for Two-Step Login for Office 365 should be aware that after January 12, when the service is mandated, they will no longer have the option to opt out again.

Is There Anything Special Users Need to Know?

Users who access email using any of the following methods need to take extra steps to ensure that their email access transitions smoothly.

• iOS Devices
  Users who access Office 365 using the the iOS Apple Mail and Calendar apps will need to update app settings. Follow the instructions to Configure the Apple iOS Mail and Calendar App for Use with Two-Step Login.
• Unsupported Email and Calendar Clients
  Only email and calendar apps from Microsoft or Apple are compatible with Two-Step Login. Other software, such as apps that often come installed on Android smartphones, will no longer work. For more details, review Before You Start Using Two-Step Login with Office 365.
• SMTP and IMAP/POP Protocols
  Users will no longer be able to use SMTP and IMAP/POP protocols for sending or reading email. Users must have a supported email client that has been configured for an Exchange account. For more details, review Before You Start Using Two-Step Login with Office 365.

Can Users Opt-in Proactively?

Yes!

Anyone who encounters issues using Two-Step Login for Office 365 should contact the IT Service Desk for assistance.