Latest News

In Chief Global Information Officer Curtis Cole’s Wireside Chat on Wednesday, October 30, he mentioned passkeys as one way in which technology improves efficiency.
So what’s a passkey?
A passkey is a new way to securely access services without needing a password, and the gold standard for logging in with the most security. A passkey uses a complex set of formulas to generate an extremely strong, and unique, key on your device, which means you don’t have to create and memorize a bunch of passwords.
Hold the phone! How do you log in without a password?
The trick to the passkey is that it’s stored on your devices, and only on those devices. When you use a passkey to log in to a system, you “unlock” it from your device. The most secure way to do this is with your biometrics, but sometimes you can use your device’s password or PIN as well.
If this seems a little like waving a magic wand over how a passkey works, that’s because passkeys use public key cryptography, the science of which fills a series of upper-level computer science courses. We guarantee that a passkey is much more secure than password2024 by several million factors.
Passkeys give you one touch efficiency
Cornell launched Secure Connect as Cornell’s passkey service. It only takes a few minutes to register your device and start using the most secure form of account protection available.
When you have a passkey set up at Cornell, accessing many services that use CUWebLogin are as easy as a touch. No typing in complex passwords, no waiting for a Duo push, and no trying to find your phone before that Duo push times out.
Speaking of security, hackers can’t steal your passkey
Your passkey exists in a highly encrypted file right on your computer. To unlock that passkey, you must unlock your computer personally. Remember, the most secure way to do this is through your face or your fingerprint (your biometrics). At Cornell you can also use your PIN or password (but only on Cornell-owned devices).
Bonus benefit: If you don’t have to type your password into a web page, which can be (and has been) spoofed, then hackers can't steal your password, either.
A note about biometrics and privacy
Many people hesitate to use a fingerprint or face image for security purposes, fearing that someone will use the data to re-create their face or fingerprint. Biometric data (the whorls of your finger and the details of your warm smile) stays on your device and cannot be stolen to recreate and impersonate your likeness.
To reiterate, your biometric data is never shared, transmitted, or stored with Cornell or a third party. Remeber, you have complex math to protect your biometric privacy.
Comments?
To share feedback about this page or request support, log in with your NetID