Report if My NetID Password has Been Stolen
This article applies to: Security & Policy
1. Report the incident to the IT Security Office.
Don’t hesitate. Any possible or confirmed theft of a NetID password needs to be reported immediately to the IT Security Office via email@example.com. You should also notify your department’s technical support staff.
The IT Security Office may contact you for additional information since, to help prevent this in the future, they try to determine how a password was stolen. Computer records can also be looked at to see what services your NetID accessed, and how long it was abused.
2. Change your NetID password and your security questions.
To change your password, go to the Manage Your NetID page at netid.cornell.edu and click Change your Password. Your new NetID password should be unique and strong:
- It should not be similar to the old password.
- It should not be the same as or similar to any passwords you use for other purposes, such as online banking or shopping.
- It should be easy for you to remember and difficult for other people to guess. See how to set strong passwords (NetID and others).
To change your security questions, go to netid.cornell.edu and click Set your Security Questions. If you have not previously set your security questions, do so now. Setting your security questions will allow you to set a new password without visiting the IT Service Desk, should you ever forget your password, or if you suspect it's stolen.
If you cannot change your password:
Sometimes whoever is using your stolen NetID will change your NetID password. In addition, if the IT Security Office determines that your password has been compromised, they may scramble your password, before contacting you, to stop further abuse. If either happens, you will need to contact the IT Service Desk to reset your password.
To make this request, contact the IT Service Desk—you must visit in person, schedule a video chat (via WebEx), mail, or fax your request to the IT Service Desk. You will need to provide proof of identity—your Cornell ID card or your valid government-issued photo ID card (such as a driver's license or passport), or a photocopy of one of these.
3. Check your Cornell personal information.
If your NetID was used to send out spam, there are two places to check whether your email settings have been altered.
(1) Log into your email account (Outlook on the Web or Cmail) to see if your signature has been changed by someone using your stolen account.
(2) You should also review your mail routing preferences in Who I Am. Sometimes the spammer will change where email addressed to you is being sent.
- Log into Who I Am.
- Go to the Electronic Mail tab.
- Check for new or different entries in the box where you can list other addresses besides your default postoffice account.
You should also see whether any of your personal information has been changed in such places as: