Content (45)
For over a decade, Tim Bradish has helped shield and strengthen Cornell services and systems against attack. In a spotlight story on the Human Resources (HR) home page, the associate chief information security officer attributed his team’s success to their interest in working with each other and…
Cornell security liaisons, technical support providers, and those interested in learning more about security-related topics are invited to join the monthly IT Security SIG meeting.November's Agenda includes:News from the Front - BillSecure Connect Update - Dan VillantiOpen ForumThe IT Security SIG…
The monthly IT Security SIG meeting brings together Cornell security liaisons, technical support providers, and those interested in learning more about security-related topics. For October, the IT Security SIG team invites you to join them for a trivia gameshow. Come test your technology, current…
Cornell security liaisons, technical support providers, and those interested in learning more about security-related topics are invited to join the monthly IT Security SIG meeting.September's Agenda includes:
Cornell security liaisons, technical support providers, and those interested in learning more about security-related topics are invited to join the monthly IT Security SIG meeting.
July’s Agenda includes:
In February 2024, Gmail will begin enforcing several security-related requirements for messages sent to Gmail accounts. These requirements include proper authentication and domain records for the sending domain, secure transmission connections, a low spam rate for the sender, and proper email…
Starting Sunday, November 26, 2023, Cornell users will see a minor change when they log into Cornell IT services using the CUWebLogin webpage.
By default, the Remember My Username checkbox will be checked and the current browser instance will auto-fill the user’s Cornell NetID in the Username (…
Beginning this summer, CIT will launch an initiative to significantly improve email security at Cornell by implementing Domain-based Message Authentication, Reporting, and Conformance ("DMARC") at Cornell.
Cornell users who send bulk emails (such as, but not limited to, e-newsletters or…
Keeping your personal information, Cornell sign-in credentials, and important data safe means protecting your passwords. Anyone with active online accounts encounters dozens of passwords used to access Cornell resources, personal online banking, e-commerce sites, and other websites. Below you will…
Log In Using a Security Key (USB Device)
Supported browsers include Chrome 70 or later, Firefox 60 or later, Safari 13 or later, or Microsoft Edge 79 or later.
Go to the Device Management Portal
To add a new device to Two-Step Login, begin one of two ways. Either:
Go to the Device Management portal using one of the following methods. Either:
When you have a new smartphone, there are a few steps you need to take to setup the phone you're using for your Two-Step Login account. What you do with your account depends on whether or not you kept your phone number or if you have a new number on your new smartphone.
Go to the Device Management Portal
To add a new device to Two-Step Login, begin one of two ways. Either:
Go to the Device Management portal using one of the following methods. Either:
Go to the Device Management Portal
Go to the Device Management portal using one of the following methods:
Use Append Mode Authentication
Some campus IT services, such as Desktop Everywhere using the VMware Horizon View client, do not support a web interface to specify how to complete the second step of authentication.
If you enter just your NetID and password with these non-web apps, Two-Step…
Remember a Device for 24 Hours
To avoid being prompted by Two-Step Login multiple times a day, select Trust browser during login. Two-Step Login won't prompt you again for most campus services for the next 24 hours.
Cornell has disabled the use of passcodes generated by the Duo Mobile App as an authentication method. Use one of the remaining authentication methods described below going forward.
With the Phone Callback method, Two-Step Login calls you on your mobile phone or landline.
To authenticate:
What do I do if my certificate is compromised?
Important: Contact the IT Service Desk to revoke a certificate if:
The server is compromised.
The private key is compromised or lost.
Your passphrase is compromised or lost.
Why Two-Step Login?
NetID passwords belonging to Cornell community members are stolen, guessed, or hacked daily. Two-Step Login means a thief would also need to have your device in order to do anything with your password.
Typically, by the time a password theft is detected or reported,…