Skip to main content

Two-Step Login Requirement for Departmental VPNs

Related services: CU VPN, Two-Step Login

Cornell’s virtual private network (CU VPN) provides secure remote access to campus IT resources from anywhere when needed. All of us at Cornell recognize the sensitivity of the materials we use every day. Using Two-Step Login with the CU VPN further protects your account and access to Cornell sites and applications when working remotely.

By December 31, 2020, Two-Step Login will be required to authenticate to all departmental VPNs. Departmental VPN administrators should contact to require Two-Step Login for their VPN pools as soon as possible before the deadline. It's recommended that departmental VPN users proactively use Two-Step Login with the CU VPN. Two-Step Login for CU VPN is now available and helps protect your personal information and Cornell's systems and data. It prevents bad actors from using stolen credentials to gain unauthorized remote access to campus IT resources.

Two-Step Login for CU VPN is supported on the Cisco AnyConnect client and available across operating systems:

Currently, all new departmental VPN pools automatically require Two-Step Login. GuestIDs are not eligible for Two-Step Login. As a result, people with GuestIDs will no longer be able to log in to CU VPN. There is a separate GuestID VPN (GID VPN) available for these instances. Administrators can contact the IT Security Office at to create a GID VPN solution for their unit.

For questions, please contact your department's VPN administrator.

Was this page helpful?

Your feedback helps improve the site.