Reminder: The IT Security Office is taking steps to enforce strong crypto protection for Cornell NetID passwords. Updating to strong crypto is triggered when the customer next changes their NetID password using the Manage Your NetID ( https://netid.cornell.edu/ ) webpage.
Starting Tuesday, March 12, 2024, customers with weak crypto will be blocked from logging into Cornell sites through CUWebLogin (Shibboleth IDP) until they change their password, triggering the crypto update. These customers will also see a message on the CUWebLogin page letting them know about the need to change their password (see the screenshot image attached to the change ticket).
Affected individuals have been notified by targeted email. See https://it.cornell.edu/verified/10786 for the content of the targeted email.
ITSG Directors, TSPs, and the IT Service Desk have been notified about the coming change. IT support details can be seen in the document, “TSP-ITSG info - Updating NetID account strong crypto - Feb 2024” attached to the change ticket.
See also IT News, https://it.cornell.edu/news/netid-password-strong-encryption-will-requir... .