Latest News
We're going to give you another reason to start using a Secure Connect passkey to protect your Cornell account.
You might be thinking "Yeah, sure, I'm not changing anything until I have to." We get that. It takes a bit to set up, not to mention you're asked to use your fingerprint or face for ultimate security and that might make you feel uncomfortable.
"Until I have to" gives hackers the chance to set up a passkey in your NetID first.
Hackers Are Leveraging Biometrics
When someone compromises your account, they don't want you immediately going in and resetting your password, they want to keep control over your account for as long as they can. So once they have access, they change your security questions or set your recovery email to one they control.
Hackers trust that the technology behind passkeys means that their biometric information never leaves their device. If your account isn't already protected by a Secure Connect passkey, a hacker can connect their own passkey to your account. You've lost your password, your Duo won't work, and now your account has a compromise problem.
Authorities can't find these criminals through passkeys, because the only thing that leaves the computer is a complicated, scrambled string of letters and numbers – and not their face or fingerprint.
ITSO is in Your Corner
Your account at Cornell has more than just basic protections – you also have a team of experts at the IT Security Office to help you if your NetID is hacked. However, adding a Secure Connect passkey now to your Cornell account can help prevent the angst, panic, time, and frustration of dealing with a stolen NetID.
Passkey options for students are under review.
Comments?
To share feedback about this page or request support, log in with your NetID