security
Content (40)
Cornell security liaisons, technical support providers, and those interested in learning more about security-related topics are invited to join the monthly IT Security SIG meeting.
July’s Agenda includes:
In February 2024, Gmail will begin enforcing several security-related requirements for messages sent to Gmail accounts. These requirements include proper authentication and domain records for the sending domain, secure transmission connections, a low spam rate for the sender, and proper email…
Starting Sunday, November 26, 2023, Cornell users will see a minor change when they log into Cornell IT services using the CUWebLogin webpage.
By default, the Remember My Username checkbox will be checked and the current browser instance will auto-fill the user’s Cornell NetID in the Username (…
Beginning this summer, CIT will launch an initiative to significantly improve email security at Cornell by implementing Domain-based Message Authentication, Reporting, and Conformance ("DMARC") at Cornell.
Cornell users who send bulk emails (such as, but not limited to, e-newsletters or…
Keeping your personal information, Cornell sign-in credentials, and important data safe means protecting your passwords. Anyone with active online accounts encounters dozens of passwords used to access Cornell resources, personal online banking, e-commerce sites, and other websites. Below you will…
Log In Using a Security Key (USB Device)
Supported browsers include Chrome 70 or later, Firefox 60 or later, Safari 13 or later, or Microsoft Edge 79 or later.
Go to the Device Management Portal
To add a new device to Two-Step Login, begin one of two ways. Either:
Go to the Device Management portal using one of the following methods. Either:
When you have a new smartphone, there are a few steps you need to take to setup the phone you're using for your Two-Step Login account. What you do with your account depends on whether or not you kept your phone number or if you have a new number on your new smartphone.
Go to the Device Management Portal
To add a new device to Two-Step Login, begin one of two ways. Either:
Go to the Device Management portal using one of the following methods. Either:
Go to the Device Management Portal
Go to the Device Management portal using one of the following methods:
Use Append Mode Authentication
Some campus IT services, such as Desktop Everywhere using the VMware Horizon View client, do not support a web interface to specify how to complete the second step of authentication.
If you enter just your NetID and password with these non-web apps, Two-Step…
Remember a Device for 24 Hours
To avoid being prompted by Two-Step Login multiple times a day, select Trust browser during login. Two-Step Login won't prompt you again for most campus services for the next 24 hours.
Cornell has disabled the use of passcodes generated by the Duo Mobile App as an authentication method. Use one of the remaining authentication methods described below going forward.
With the Phone Callback method, Two-Step Login calls you on your mobile phone or landline.
To authenticate:
What do I do if my certificate is compromised?
Important: Contact the IT Service Desk to revoke a certificate if:
The server is compromised.
The private key is compromised or lost.
Your passphrase is compromised or lost.
Why Two-Step Login?
NetID passwords belonging to Cornell community members are stolen, guessed, or hacked daily. Two-Step Login means a thief would also need to have your device in order to do anything with your password.
Typically, by the time a password theft is detected or reported,…
If you don't see the Expand Where You Use Two-Step Login tab described below, then you are required to use Two-Step Login with any service where you log in with CUWebLogin and cannot opt out of this expanded use of Two-Step Login.
Expand Your Use of Two-Step Login
To better protect…
About Hardware Tokens
A hardware token is a keyfob-like device where you press a button to generate a one-time passcode for use in the second step of logging in. Hardware tokens are an option for situations where using a landline, cell phone, or other mobile device with Two-Step Login is not…
First Time Setup for Two-Step Login
If you need information about the many types of devices you can use with Two-Step Login, you can explore device options, then return here to enroll your chosen device(s).
If you have already selected your authentication device(s), continue with these…
Other articles with tips to help you protect meetings and courses: