UNI and Duo MFA
Uni Password Management
CUIT and Law IT has launched a new method of synchronizing your Law IT and UNI account passwords. Starting on Monday, January 27th, 2020, we are asking faculty, staff, and students to update their University passwords on the University's password management page at https://cuit.columbia.edu/cuit/manage-my-uni
- Go to uni.columbia.edu
- If you know your password and want to change it, click "Change Password"
- Sign in with your UNI and password.
- If you need to update your Security Questions, click “Edit” next to each question and update the answer.
- Click "Continue" after updating your Security Questions.
- Enter in your new password to the "Choose Password" and "Confirm Password" field and then hit “Submit”
- Go to uni.columbia.edu
- If you forgot your password, click "Forgot Password"
- Enter your UNI to the UNI field.
- Enter in your UCN (ID card number) and answer your Security Questions and then click "Next".
- If you need to update your Security Questions, click "Edit" next to each question and update the answer.
- Click "Continue" after updating your Security Questions.
- Enter in your new password to the "Choose Password" and "Confirm Password" field and then hit “Submit”
Once you update/change your University password, it will be automatically synchronized with your Law School login password. Going forward, you will no longer need to use the Law School password change manager - and your University password and your Law password will be identical for the following services:
- Lionmail http://lionmail.columbia.edu
- My.columbia.edu http://my.columbia.edu
- Courseworks https://courseworks.columbia.edu
- Lawnet http://www.law.columbia.edu/lawnet
- Remote.law http://remote.law.columbia.edu
- Law Antispam system https://antispam.law.columbia.edu
- Law SSL VPN https://finance-admin.law.columbia.edu/content/remote
- Law network G: and H: drives, and printing services
- Grouper http://grouper.cc.columbia.edu
We hope this account management enhancement will help simplify and streamline the password management process, and we are here to help make this update as straight-forward as possible. Please feel free to contact us if you have any additional questions.
Multi-factor Authentication
As part of our continual process to improve the security of all Law School systems, Law IT now implements multi-factor authentication for accessing protected web resources. Such resources include the LawNet Portal, the Law School main website, and other law school website properties.
The purpose of multi-factor authentication is to add another layer of security to your account by ensuring only you can complete the login process, regardless of who may know your password.
Upon logging in with your credentials, you will be prompted to verify your identity via the DUO Universal Prompt by default. This system will push a verification request to any of your mobile devices registered with the DUO mobile app. This process is identical to what you currently experience when logging into University resources, such as LionMail or Courseworks. If you have recently accessed these systems, you will likely already have the DUO app configured and ready for this transition.
What’s Changing
Starting on Saturday, January 13, 2024, Upon login to LawNet or the Law School Website, you will notice the authentication prompt from DUO to verify your identity.
After entering your Columbia UNI credentials on the sign-in screen, the Duo Universal prompt will automatically choose the DUO Mobile Push approval method, likely configured on your phone. This is one of the most secure methods. The DUO Universal prompt allows you to choose other methods listed when you click on the “Other options” link. Those options include:
- Duo Push (default)
- Duo Mobile passcode
- Text Message passcode (SMS)
- Phone call
- Bypass code (if provided by IT ServiceDesk)
Once you select an option for authentication, DUO will use that method on subsequent visits.
Upon successful verification, DUO will ask if you want to trust the browser. If you click “Yes, trust browser,” the browser will automatically remember your setting for 24 hours. You will not be prompted for DUO during that time if the application or service you are accessing allows it. If you select “NO, do not trust this browser,” you will still authenticate and continue onto your desired site. However, you will be prompted by DUO verification each time you log into an application on that browser.
Please note that you should not Trust a browser on a shared computer, such as a hotel business center or a computer in your home.
If you need assistance setting up or using DUO, please get in touch with the Law IT Service Desk at [email protected].
