Network security is important to ensure that your personal information is protected, to verify that you are who you say you are (to "authenticate" you) and to allow only authorized people to access network services. To assure the highest network secu rity possible, Cornell Information Technologies (CIT) recommends the use of a particular type of authentication for e-mail (Eudora) called "Kerberos." Beginning in January, anyone new to Eudora at Cornell automatically has been using the Kerberos authentication system.
Changing your current authentication settings in Eudora is straightforward. Fol low the four steps below:
·Check that you have the most current version of Eudora, 2.1.3 for Macintosh and 2.1.2 for Windows. If you don't, click the Mail button on the Bear Access Launch Pad to retrieve it.
·Choose "Configuration" (Windows) or "Settings" (Macintosh) under Eudora's Special menu.
·Click on "Checking Mail" in the left -hand scroll box.
·Select the "Kerberos" button and then click OK.
The next time you check mail, you will be using Kerberos. To help protect your personal information, note the following important items:
·When you enter your password, Kerberos will give you a "ticket." This ticket will give you "admission" to any of the Bear Access services that use Kerberos, which include Mail (Eudora), Employee Essentials, Just the Facts, Student Jobs/Internships, Faculty Services and Change Password. Some services may ask you to enter your password again as an addi
tional security measure.
·This ticket is good for eight hours or until you cancel it (unless you are working in the CIT Public Workstation Labs, where it will expire in a matter of minutes).
·If you are using the Bear Access Launch Pad, you will know your ticket is active when the "broken key" icon is displayed. If you are not using the Launch Pad, you will not see that you have a ticket; however, if you have accessed a Kerberos service, you probably have one.
·To protect access to your personal information, cancel, or "clear," your ticket whenever you leave your computer for more than a few minutes. You can do this by clicking on the broken key icon on the Launch Pad, by select ing "Forget Password" under Eudora's Special menu (note: "Forget Password" doesn't always work in Windows), or by using "Network Logout," part of Bear Access for Macintosh found in the Mandarin Tools folder (inside the
Launch Pad-Bear Access folders on your computer's hard drive).
·When you are connecting to the campus network through a modem, you should also cancel your ticket any time you disconnect and reconnect within eight hours. Otherwise you might get an error message about a "Kerberos authentication failure" when you reconnect. If you do get this error message, simply clear your ticket at that time and try again.
To find out more about Kerberos and network security, check out the CIT Kerberos Web page at the following address: <http://www.cit.cornell.edu/cit -pubs/kerberos.html> or contact the CIT Service HelpDesk, 255-8990, <helpdesk @cornell.edu>.
Written by Charlotte Kiefer and Barbara Skoblick of CIT. This column was compiled and edited by Daisy Z. Dailey of CIT. Send questions or comments to | Cornell Chronicle Front Page | | Table of Contents | | Cornell News Service Home Page |