Skip to content
  • Tuesday, June 6
  • Contact Us
  • Join The Sun!
  • About The Sun
  • Advertise
  • 161 Things Every Cornellian Should Do
  • Download our iPhone App
  • Instagram
  • Alumni
  • Where Did the Comments Go?
  • Support the Sun
  • logo
  • logo
  • News
    • City
    • Inspiring Cornellians
    • Prof. Profs
  • Opinion
    • Opinion Columnist Application
    • Columns
    • Editorials
    • Letters From
    • Letters To
    • Sex on Thursday
  • Sports
    • Men’s Hockey
    • Women’s Hockey
    • Men’s Basketball
    • Women’s Basketball
    • Men’s Lacrosse
    • Women’s Lacrosse
    • Wrestling
  • Arts & Culture
    • Columns
    • Events
    • Reviews
      • Concerts
      • Movies
      • Music
        • Singles
        • Test Spins
        • Sun Streams
      • Theater
      • Visual Arts
    • Spotlights
    • Solar Flares
  • Science
  • Dining
    • Eateries
    • Recipes
    • Local Events
    • Food for Thought
  • Multimedia
    • Podcast
    • Videos
  • Specials
  • 4/20
    • 2020
    • 2021
    • 2022
    • 2023
  • Global Navigation
    • Contact Us
    • Join The Sun!
    • About The Sun
    • Advertise
    • 161 Things Every Cornellian Should Do
    • Download our iPhone App
    • Instagram
    • Alumni
    • Where Did the Comments Go?
    • Support the Sun

The Cornell Daily Sun - Independent Since 1880

The Cornell Daily Sun (https://cornellsun.com/2018/11/18/cornell-to-require-two-step-login-for-student-center-to-improve-security/)

  • News
    • City
    • Inspiring Cornellians
    • Prof. Profs
  • Opinion
    • Opinion Columnist Application
    • Columns
    • Editorials
    • Letters From
    • Letters To
    • Sex on Thursday
  • Sports
    • Men’s Hockey
    • Women’s Hockey
    • Men’s Basketball
    • Women’s Basketball
    • Men’s Lacrosse
    • Women’s Lacrosse
    • Wrestling
  • Arts & Culture
    • Columns
    • Events
    • Reviews
      • Concerts
      • Movies
      • Music
        • Singles
        • Test Spins
        • Sun Streams
      • Theater
      • Visual Arts
    • Spotlights
    • Solar Flares
  • Science
  • Dining
    • Eateries
    • Recipes
    • Local Events
    • Food for Thought
  • Multimedia
    • Podcast
    • Videos
  • Specials
  • 4/20
    • 2020
    • 2021
    • 2022
    • 2023
  • Global Navigation
    • Contact Us
    • Join The Sun!
    • About The Sun
    • Advertise
    • 161 Things Every Cornellian Should Do
    • Download our iPhone App
    • Instagram
    • Alumni
    • Where Did the Comments Go?
    • Support the Sun

Courtesy of Cornell University

Students will be required to sign into Student Center and Student Essentials through a two-step login process starting on Starting on Nov. 26.

November 18, 2018
Two-Step Login

Cornell to Require Two-Step Login for Student Center to Improve Security

By Jeffrey Li | November 18, 2018
LikeTweet EmailPrint More
  • More on Two-Step Login
  • Subscribe to Two-Step Login

Starting on Nov. 26, students will be required to sign into Student Center and Student Essentials through a two-step login process, which the administration believes will significantly improve the security of personal information.

“This step [Two-Step-Login] may cause inconvenience, but we believe it is worth the effort to protect students’ account[s] and data,” said David Lifka, vice president for information technologies and chief information officer for the University.

Two-Step Login means that students have to confirm their identity on a separate device before logging in. They can take a call on a registered phone, tap “Approve” from an app called Duo Mobile, enter a code from either the app or a keychain or tap the button from a USB device, which are available for purchase online.

Lifka noted that the number of compromised accounts has been much lower after they created the Two-Step Login. Security has vastly improved because adversaries will need to have not only a person’s password but also access to their secondary authentication device.

Bypassing the Two-Step Login is “not impossible but highly improbable,” Lifka told The Sun.

Students will be required to use this method to access sensitive information, but Two-Step Login is not new.

Leaderboard 2



“Faculties have been required to use Workday Two-Step Login since June 2017,” Lifka said.

Furthermore, students can also opt to expand use of two-step login to all Cornell services that require a login.

Asked why Cornell chose Duo, Lifka pointed to its flexibility. Besides using the app on smartphones, students can purchase a Duo Hardware token at The Cornell Store or have the Duo call a landline phone, he explained. Tokens at currently retail for $25.

Newsletter Signup


Duo is also able to monitor fraudulent activities through responses on the app. If someone is trying to access your account, users are able to report this activity firsthand, before damage is done.

If a student loses their phone, Lifka explained that they can always call the IT Service Desk for assistance if this is the only secondary authentication method. He also recommended that students enroll more than one device to avoid this scenario.

Meanwhile, to alleviate the inconvenience from repeated authentication, Lifka pointed out students can opt to select the checkbox to “remember the device for 24 hours”.

“We are constantly evaluating new methods to improve the security of all systems and the people who use them,” Lifka said about next steps.

“As new methods become available and viable for the Cornell community, we will be sure to give users ample lead time to understand them, their impact, and best practices for their use,” Lifka said.



The Sun, now for iPhone

The Sun, now for iPhone

Click Here to Support the Sun

Related

  • KENKARE | In Defense of Rate My Professor

    By Pallavi Kenkare September 24, 2019

    As a 20-year-old with the attention span of a squirrel, it takes a truly phenomenal professor to hold my attention for 50 minutes, let alone an hour and 25. Cornell definitely has more than its fair share of life-changing teachers; I’ve had about one per year, and considering the implications of “life-changing,” I know I’m inordinately lucky.

  • Phishing Scheme Baits Cornellians, Stealing Passwords and Sowing Confusion

    By Rochelle Li February 19, 2019

    At first, the email appeared to be a reply to previous emails— opening the email revealed a blue box with instructions to “display trusted message.” However, unsuspecting Cornellians who opened the email quickly found out that it was not what it seemed.

© Copyright 2023, The Cornell Daily Sun

  • Home
  • Contact Us
  • Advertise
  • Publication Calendar
  • Email Subscription
  • Download our iPhone App
  • Staff

Back to top ↑