Improving the Cardinal Key Experience
You shared your feedback with us, and we’ve heard you. The result: a substantially improved Cardinal Key user experience is on the way.
Cardinal Key is now being used by more than 15,000 of us across the university, providing unprecedented protection for our accounts, systems, and data. Going passwordless is a bold step forward, and Stanford is leading the way.
As the large-scale deployment of Cardinal Key progressed over the summer, we became aware of a few problem areas. Addressing these problems has been our top priority, and they are actively being resolved. Here’s what we’re working on:
- Setting browser cookies has always been one of the most problematic aspects to installing and using Cardinal Key. Soon you’ll no longer need to enable Cardinal Key in each web browser, and you will not need to re-enable Cardinal Key each time you clear your browser’s cache and cookies. No action will be necessary on your part once this back-end change has been made. This will eliminate the most common Cardinal Key problem.
- In rare circumstances, Stanford websites may reject access indicating that Cardinal Key is not being used, even when it is properly configured. This glitch will soon be resolved with a new Stanford Login configuration, with no action necessary on your part.
- The initial Cardinal Key setup remains the greatest obstacle to adoption — we need to make it easier. An improved version of the Cardinal Key installer for laptops and workstations now automates portions of the manual installation process that many found difficult.
- Cardinal Key is now supported on shared workstations but requires a lengthy login session during setup. Modifications will soon be in place to eliminate that time requirement.
Blending convenience with security
By going passwordless, Cardinal Key streamlines the login experience, but it’s about much more than convenience: it’s about protecting our systems and data.
Stanford account passwords are frequently compromised through phishing, and not all of our systems are protected by two-factor authentication. Cardinal Key protects you from phishing and provides an extra layer of security for your Stanford account.
Cardinal Key represents a significant change in how we access Stanford systems. Once enforced, a person’s devices must be in adherence with Stanford’s cybersecurity standards (including encryption) in order to access certain Stanford systems. Before Cardinal Key, it was possible to use untrusted devices, posing a significant cybersecurity and privacy risk to the university.
Cardinal Key is part of a broader plan called “Healthy Devices” to modernize Stanford employee devices. You can learn more by visiting Devices @ Stanford.