Content (45)
If you don't see the Expand Where You Use Two-Step Login tab described below, then you are required to use Two-Step Login with any service where you log in with CUWebLogin and cannot opt out of this expanded use of Two-Step Login.
Expand Your Use of Two-Step Login
To better protect…
About Hardware Tokens
A hardware token is a keyfob-like device where you press a button to generate a one-time passcode for use in the second step of logging in. Hardware tokens are an option for situations where using a landline, cell phone, or other mobile device with Two-Step Login is not…
First Time Setup for Two-Step LoginIf you need information about the many types of devices you can use with Two-Step Login, you can explore device options, then return here to enroll your chosen device(s).If you have already selected your authentication device(s), continue with these instructions.
Other articles with tips to help you protect meetings and courses:
If you have questions about the information on this page, please feel free to contact Celisa Manly, your manager, your division representative to the CIT Security Board (see number 4 in the list below), Dave Vernon (Assistant VP and Chief Technology Officer), or Wyman Miles (CIT Security Officer…
To go to the Two-Step Login Device Management Portal, either:
During late 2024, Cornell will begin rolling out Duo Verified Push for logins using the Duo Push method. Affected campus populations will be notified by direct email about this change.
Support Documentation
For more information about the product that Cornell uses to provide Two-Step Login, see Duo Security's Guide to Two-Factor Authentication.
Setting Up a Duo Application
Duo Security supports integration with a broad range of applications and technologies, listed on the top page of their online documentation.
What do I do if my certificate is compromised?
Important: Contact the IT Service Desk to revoke a certificate if:
The server is compromised.
The private key is compromised or lost.
Your passphrase is compromised or lost.
Are There Any Fees and/or Billing for SSL?
There is no…
Generate a Certificate Signing Request (CSR) file in Microsoft IIS 6.0 Without Removing the Existing Certificate
To generate a new CSR without removing the current certificate, a temporary website must be created. This workaround will apply for IIS servers that currently have certificates…
How Can I Request a Code-Signing Certificate?Send your request to the IT Service Desk. Specify the contact email address you would like to appear in your certificate.The IT Service Desk will initiate a code signing certificate invitation.
How do I renew an SSL certificate?When your certificate's expiration date approaches, you will be notified by email that you need to renew.
(For information about what phishing is, see How to Guard Against Internet Fraud.)
Nudge is an application to notify end users about macOS security updates they should install. Cornell IT Security Policy 5.10 requires all devices to be fully up to date with security updates within a minimum of 30 days of release. CIT requires macOS security updates be installed within 14…
The University Privacy website provides guidance and detail regarding privacy, including specifics on Information Use at Cornell.
Instructors or students accessing Zoom through Canvas can encounter issues opening Zoom. This might result in a blank screen area where the Zoom app should appear or an error message indicating Zoom failed to load, the session has expired, or the user is invalid.When troubleshooting Canvas-Zoom…
User Experience
If you use the macOS Contacts app, you may not be able to sync your contacts after opting in to Two-Step Login for Office 365.
What to Do
Select System Preferences.
Select iCloud.
Deselect (uncheck) iCloud Keychain.
Select OK.
User Experience
My USB security key does not work for Two-Step Login in the Firefox browser.
User Experience
When you use your U2F security key, you see the following message: