Content (45)
Why Two-Step Login?
NetID passwords belonging to Cornell community members are stolen, guessed, or hacked daily. Two-Step Login means a thief would also need to have your device in order to do anything with your password.
Typically, by the time a password theft is detected or reported,…
If you don't see the Expand Where You Use Two-Step Login tab described below, then you are required to use Two-Step Login with any service where you log in with CUWebLogin and cannot opt out of this expanded use of Two-Step Login.
Expand Your Use of Two-Step Login
To better protect…
About Hardware Tokens
A hardware token is a keyfob-like device where you press a button to generate a one-time passcode for use in the second step of logging in. Hardware tokens are an option for situations where using a landline, cell phone, or other mobile device with Two-Step Login is not…
During Fall 2025, Cornell is retiring the Duo Phone Call and
Other articles with tips to help you protect meetings and courses:
If you have questions about the information on this page, please feel free to contact Celisa Manly, your manager, your division representative to the CIT Security Board (see number 4 in the list below), Dave Vernon (Assistant VP and Chief Technology Officer), or Wyman Miles (CIT Security Officer…
To go to the Two-Step Login Device Management Portal, either:
During Fall 2025, Cornell is retiring the Duo Phone Call and
Setting Up a Duo Application
Duo Security supports integration with a broad range of applications and technologies, listed on the top page of their online documentation.
What do I do if my certificate is compromised?Important: Contact the IT Service Desk to revoke a certificate if:
Generate a Certificate Signing Request (CSR) file in Microsoft IIS 6.0 Without Removing the Existing Certificate
To generate a new CSR without removing the current certificate, a temporary website must be created. This workaround will apply for IIS servers that currently have certificates…
How Can I Request a Code-Signing Certificate?Send your request to the IT Service Desk. Specify the contact email address you would like to appear in your certificate.The IT Service Desk will initiate a code signing certificate invitation.
How do I renew an SSL certificate?When your certificate's expiration date approaches, you will be notified by email that you need to renew.
(For information about what phishing is, see How to Guard Against Internet Fraud.)
Nudge is an application to notify end users about macOS security updates they should install. Cornell IT Security Policy 5.10 requires all devices to be fully up to date with security updates within a minimum of 30 days of release. CIT requires macOS security updates be installed within 14…
The University Privacy website provides guidance and detail regarding privacy, including specifics on Information Use at Cornell.
Instructors or students accessing Zoom through Canvas can encounter issues opening Zoom. This might result in a blank screen area where the Zoom app should appear or an error message indicating Zoom failed to load, the session has expired, or the user is invalid.When troubleshooting Canvas-Zoom…
User Experience
If you use the macOS Contacts app, you may not be able to sync your contacts after opting in to Two-Step Login for Office 365.
What to Do
Select System Preferences.
Select iCloud.
Deselect (uncheck) iCloud Keychain.
Select OK.
User Experience
My USB security key does not work for Two-Step Login in the Firefox browser.
User Experience
When you use your U2F security key, you see the following message: