On October 1, 2022, Microsoft will permanently disable Basic Authentication (“Basic Auth”) for Exchange email tenants. Basic Auth is an outdated authentication standard that allows users to connect to their mailbox using only a username and password and its continued use poses serious security...Read more
Cornell's Single Sign-On front-end, CUWebLogin, has been used with two back-end authentication methods.
CIT is migrating all services to use one method, Shibboleth, and retiring the other (CUWebAuth).
On August 1, 2021, Shibboleth and CUWebAuth will be separated, meaning they...Read more
No. Our credentials remain valid until you close your browser. We recommend that you give the user instructions to quit the browser if they want to log out. If your application has a logout item in its menus, you might consider...Read more
EntityID for the Cornell Identity ProviderProd IDP: https://shibidp.cit.cornell.edu/idp/shibboleth Test IDP: https://shibidp-test.cit.cornell.edu/idp/shibboleth
URL for Cornell IDP metadata
When you have a new smartphone, there are a few steps you need to take to setup the phone you're using for your Two-Step Login account. What you do with your account depends on whether or not you kept your phone number or if you have a new number on your new smartphone.These steps will...Read more
Some campus IT services, such as Desktop Everywhere using the VMware Horizon View client, don't support a web interface to specify how you would like to complete the second step of authentication. If you enter just your NetID and password with these non-web apps,...Read more