Skip to main content

Cornell University

IT@Cornell

Content (15)

Remove a Device from Two-Step Login
Go to the Device Management Portal To add a new device to Two-Step Login, begin one of two ways. Either: Go to the Device Management portal using one of the following methods. Either:
Replace Your Smartphone Listed in Two-Step Login
When you have a new smartphone, there are a few steps you need to take to setup the phone you're using for your Two-Step Login account. What you do with your account depends on whether or not you kept your phone number or if you have a new number on your new smartphone.
Rename a Device Enrolled for Two-Step Login
Go to the Device Management Portal To add a new device to Two-Step Login, begin one of two ways. Either: Go to the Device Management portal using one of the following methods. Either:
Add a New Device to Two-Step Login
Go to the Device Management Portal Go to the Device Management portal using one of the following methods:
Log in with Append Mode or Second Password Authentication for Two-Step Login
Use Append Mode Authentication Some campus IT services, such as Desktop Everywhere using the VMware Horizon View client, do not support a web interface to specify how to complete the second step of authentication.  If you enter just your NetID and password with these non-web apps, Two-Step…
Trust Browser for 24 Hours in Two-Step Login
Remember a Device for 24 Hours To avoid being prompted by Two-Step Login multiple times a day, select Trust browser during login. Two-Step Login won't prompt you again for most campus services for the next 24 hours.
Log in with a Passcode for Two-Step Login
Cornell has disabled the use of passcodes generated by the Duo Mobile App as an authentication method. Use one of the remaining authentication methods described below going forward.
Log in Using a Phone Callback for Two-Step Login
With the Phone Callback method, Two-Step Login calls you on your mobile phone or landline. To authenticate:
Log In Using Duo Push for Two-Step Login
During late 2024, Cornell will begin rolling out Duo Verified Push for logins using the Duo Push method. Affected campus populations will be notified by direct email about this change. 
Connect Windows to CU VPN
To use Cornell's Virtual Private Network (VPN) with campus networks and services, you must use Cisco Secure Client VPN software. See the How to Install Cisco VPN Software page for instructions.
Connect Mac to CU VPN
To use Cornell's Virtual Private Network (VPN) with campus networks and services, you must use Cisco Secure Client VPN software. See How to Install Cisco VPN Software for instructions.
Connect Linux to CU VPN
To use Cornell's Virtual Private Network (VPN) with campus networks and services, you must use Cisco Secure Client VPN software. See the How to Install Cisco VPN Software page for instructions.
Shibboleth FAQ
Does the Cornell Identity Provider provide a logout service?No. Our credentials remain valid until you close your browser. We recommend that you give the user instructions to quit the browser if they want to log out. If your application has a logout item in its menus, you might consider linking…
Cornell Shibboleth Identity Provider Resources for IT Staff
EntityID for the Cornell Identity ProviderProduction IDP: https://shibidp.cit.cornell.edu/idp/shibbolethTest IDP: https://shibidp-test.cit.cornell.edu/idp/shibbolethURL for Cornell IDP metadataProduction IDP: https://shibidp.cit.cornell.edu/idp/shibbolethTest IDP: https://shibidp-test.cit.cornell.…
CU VPN
On Wednesday, June 5, 2024, Cisco AnyConnect VPN (also known as CUVPN) will be updated. Cisco is making a name and icon change that could cause confusion. Learn more about the key differences and what to expect. Two-Step Login is required for all users to authenticate to the CU VPN.

At Cornell we value your privacy. To view
our university's privacy practices, including
information use and third parties, visit University Privacy.