Improving the Cardinal Key Experience
You shared your feedback with us, and we've heard you. The result: a substantially improved Cardinal Key user experience is on the way.
Cardinal Key Frequently Asked Questions
Self Help for the two most common Cardinal Key errors, see our Cardinal Key Known Issues page known-issues.
Learn more about Cardinal Key by visiting cardinalkey.stanford.edu.
- Q. How does Cardinal Key protect my computer?
- A. Cardinal Key ensures that devices meet our MinSec requirements (per MyDevices) regardless of location.
- Q. How does Cardinal Key protect against phishing?
- A. Using Cardinal Key means no longer being prompted for a SUNet ID and password. If you DO encounter a Stanford-looking login page asking for a username and password while using Cardinal Key, you should be suspicious of a phishing attempt.
- Q. I have Cardinal Key installed on my device. Why am I still being prompted for two-factor authentication?
A. Cardinal Key replaces the need to provide your SUNet ID and password. Depending on the system, the frequency may vary, but you will still need to two-factor in. Learn more about two-step authentication.
- Q. Which Stanford sites require me to log in with a Cardinal Key?
- A. The campus-wide Cardinal Key rollout is to enforce the use of Cardinal Key when logging into webmail.stanford.edu, axess.stanford.edu, and Google Docs (this would include *.google.com).
- Q. Why can’t I join the eduroam network with my Cardinal Key?
- Q. Cardinal Key works fine on all my browsers, but I cannot log in to VPN with it. What should I do?
A. When logging into the VPN, please make sure you are selecting the Cardinal Key instead of another certificate. Learn more:
- Q. Why does my Cardinal Key work in Chrome but not Firefox?
A. Make sure you have the correct settings set via the instructions found under "How to enable Cardinal Key for macOS on Firefox Version 75+" at: https://uit.stanford.edu/service/cardinalkey/install_windows or https://uit.stanford.edu/service/cardinalkey/install_mac.
- Q. Why did my Cardinal Key stop working in Firefox?
A. Make sure Firefox doesn't have the following authentication decision saved:
- Open the Firefox Preferences by navigating to Firefox> Preferences > Privacy & Security > View Certificates > Authentication Decisions.
- In the "These certificates are used to identify you to websites" window, select the line that shows login.stanford.edu and Send no client certificate.
- Click Delete.
- Click OK.
- Q. Can I install Cardinal Key on a personal device?
A. Yes, you can install Cardinal Key on a personal device. In order to use the Cardinal Key past the initial 48 hour grace period, that device needs to be compliant in MyDevices.
- Q. Can I store High Risk Data in Google Drive using Cardinal Key?
A. Yes, follow the instruction on this page to learn more.
- Q. Can I install Cardinal Key on a shared device?
A. Cardinal Key does not work well on a shared workstation. Depending on the scenario you are in, you can request an exemption.
- Q. Which Stanford sites can I log in with a Cardinal Key?