Reminder: Two-Step Login USB Security Keys to Be Updated in January 2022
Related services: Two-Step Login
In the coming weeks, Google will end support for the U2F authentication standard in Chrome. This technology has been used for USB security keys such as those many at Cornell use to authenticate with Two-Step Login.
To accommodate this change, Duo, the vendor that supports Cornell’s Two-Step Login service, will move to a different security protocol in mid-January 2022 called WebAuthn.
What to Expect
After Duo's scheduled change, USB security key users will see a one-time prompt during the Two-Step Login process, asking them to update their key. When they click Continue, the key will be updated to use the improved WebAuthn security protocol.
The new protocol will also add a step to the security key authentication process for Chrome and Microsoft Edge users. Similar to when users authenticate with Duo using other methods, they will need to click a link in their browser to trigger the authentication request to the key. Previously, users could tap their security key to complete authentication as soon as the Duo Prompt loaded. (This “Use Security Key” step is already the standard experience in Safari and Firefox for the traditional Duo Prompt.)
For full details on this change to the process and information on minimum web browser requirements, see Duo Updates to USB Security Key Method.
For questions or issues using Two-Step Login, contact the IT Service Desk.