Protect yourself and your money with dual authentication by DUO
Your Cornell NetID password unlocks access to your pay stubs, the bank account where your paycheck is deposited, and your tax data. This makes your password a target for criminals, who have used stolen NetID passwords to redirect pay to themselves and file fraudulent tax returns.
Dual authentication, called Two-Step Login at Cornell, blocks criminals from using stolen NetID passwords by requiring something in your possession that only you would have access to, like a desk or cell phone. It’s the same form of protection many of us use in settings outside of Cornell, such as online banking, Google apps, Twitter, Amazon, and LinkedIn, to name a few.
Beginning April 20, 2017, the university will require Two-Step Login to access your most sensitive data in Workday:
- Tax forms
- Payment elections (direct deposit)
- Address changes
- Changes to dependents
- I-9 (Employment Eligibility Verification form)
Requiring Two-Step Login for this handful of high-risk Workday tasks will provide an immediate, large security benefit for the Cornell community, without imposing a significant change in the daily activities of faculty, staff, and student employees.
Enrolling in Two-Step Login will not automatically activate its use for these services unless you "Opt in" to expand Two-Step, triggering its immediate use for all of Workday and most Cornell services that require login. If you choose to remain with the basic level of security, then beginning on April 20, you will only be prompted for Two-Step Login when the Workday task requires it.
Though Two-Step will only be required for the sections of Workday mentioned above, we’re encouraging everyone to also “Opt In” as one more level of added protection.
Full details about Two-Step Login and how to enroll are available on the CIT website at it.cornell.edu/twostep. Questions or concerns about dual-authentication should be directed to the IT Service Desk at email@example.com or 607-255-5500.
Print as PDF