Does WCMC see the data in my personal LastPass account?
No, if you use a separate LastPass account for personal passwords, and even if that account is “linked” to your WCMC LastPass account for more convenient access, WCMC does not have any visibility into the contents of that account or your use of that account.
Can I use LastPass on my mobile device?
Yes, with the Premium and Enterprise versions of LastPass you can install the LastPass app on your mobile devices to help manage mobile logins. LastPass supports every major smartphone and tablet, including Android, iOS, and Windows Mobile devices. More information is available here.
What passwords can and cannot be stored in LastPass?
Any business account that you use in the workplace should be stored in your Enterprise account. We recommend that you do not store any personal information in the Enterprise account, but rather in a separate, personal LastPass account. If you ever have any questions, ask your Enterprise administrator. If you do choose to store any other passwords in your LastPass account they must adhere to any policies laid out by your Administrator.
Can Duo be used with a physical token?
Yes. The preferred method to use Duo is by using a smartphone. However, if you do not have a smartphone, you can ask your Department Administrator to request one for you
Does the Apple Watch support Duo?
Yes, Duo supports the use of the Apple Watch to authenticate a user's session and generate a token. More information is available on the Duo website.
How do I enroll in Duo?
On your start date at Weill Cornell Medicine, you will receive an email from Duo with enrollment instructions. Click the link to continue and complete the enrollment. For a full overview of how to enroll in Duo see this KB article: Duo Enrollment Workflow.
You can utilize Duo on many devices, including:
How will my login experience change with Duo?
Your login experience will only change when you are accessing a Duo protected service in a way that it determines two-factor should be invoked, such as accessing myApps from another country.
You will continue to log into the service using a CWID and password, “something you know.” Duo then, based on a policy decision, asks for the second level of authentication by utilizing a code “something you have.” The code can be easily be accessed from a smartphone app, SMS, or voice call.
What is Two-Factor Authentication?
Two-Factor Authentication is a security best practice that requires more than one type of security method when logging in to an application. An authentication method can include something you know (a password or PIN), or something you have (a unique code).
Two-Factor Authentication adds an extra layer of protection that makes it more difficult for anyone to gain access to your accounts, even if your password has been compromised.
