Skip to main content

Cornell University

Biometrics and Secure Connect

This article applies to: Secure Connect

On This Page

Secure Connect enables you to use your fingerprint or your facial features (your biometrics) to log in to services that require your NetID and password. On Windows, you may know this feature as Windows Hello. On Mac, it’s called Touch ID. Increasingly laptops, smartphones, and other devices include biometrics as an option for logging in.

Instead of using your NetID and password, with Secure Connect you use your biometrics to unlock a passkey stored on your device. The passkey is a unique credential associated with your Cornell NetID. The passkey, not your biometrics, is how you’re granted access to the Cornell service.

Secure Connect uses Beyond Identity to provide passkey login at Cornell. Beyond Identity enables your computer to confirm that the person who used their fingerprint or face to try to log in is you and not an impostor. This confirmation is used to complete the login sequence.

Secure Connect and Your Privacy

Cornell and Beyond Identity do not centrally collect or store your biometric information. The biometrics used with Windows Hello and Touch ID never leave your laptop or device, and they are not stored in a form that would enable anyone to recreate your fingerprint or facial image.

Note: If you have concerns with using your biometrics for this purpose, you have the option to use Secure Connect without Windows Hello or Touch ID by entering your password (instead of biometrics) every time you need to log in.

See the Biometrics and Your Privacy webpage for more details.


To share feedback about this page or request support, log in with your NetID

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.