Security: Email And Password Options

Forgot Your Password?

To reset your password, go to  https://commons.gc.cuny.edu/wp-login.php?action=lostpassword and enter either your username or email address. Click on Get New Password.  You will receive an email with  a link to a page where you can reset your password.

Security Settings

To access the Security screen below, go to the top black navigation bar, hover over your avatar in the upper right hand corner. A dropdown menu will appear. Scroll down the My Settings and select Security.

 

Changing Your Account Email

You can change your Account Email on this screen to the one you prefer. Simply over type your existing email with the one your prefer. Click on Save Changes and an email will be sent to this email address to ensure it is valid. You will need to respond to this email to verify the address is correct.

Your account email is used for notifications on the Commons. It is also used when you forgot your password or when you use Two-Factor Authentication (see below).

Changing An Existing Password

To change your password or to optionally enable two factor authentication, log into the Commons and go to Account Settings>>Security. If necessary, re-enter your existing password.  If you only want to change your password, click on the Generate Password button. If you don’t like the generated password you can over-write it to the password you prefer. Then click on the Save Change button. Your password is now changed.

Two-Factor Authentication (optional)

Two-factor authentication (2FA) adds an extra layer of security when logging into the Commons. With 2FA, you have to log in with your username and password and also provide another form of authentication that only you know or have access to. The Commons supports 2FA during login and offers four different 2FA options, listed below.

Unless you own a security key, we strongly recommend using a Time-Based One-time Password (TOTP) application to configure two-factor authentication. TOTP is more reliable and portable than the email option, especially when you do not have internet access to check your email.

Enabling 2FA

Members can enable multiple 2FA options, but only one can be primary. It is a good idea to have backup ways to obtain your authentication code

  • Email

    Using this method, your authentication code will be delivered via email. If you’re unable to use a TOTP app, you can also authenticate with email. When configured as your primary 2FA option, an authentication code will be sent to your registered email address during login. This code will need to be entered in order to gain access to your Commons account.

To use this option:

    1. Enable the Email option.
    2. Click Save Changes.

  1.  
  • Time-Based One-Time Password (the preferred method)

A time-based one-time password (TOTP) application automatically generates an authentication code that changes after a certain period of time. When configured as your primary 2FA option, you will be asked to enter this code from your TOTP app during login.

To use this option:

    1. Ensure you have downloaded a TOTP app onto your device. Popular cross-platform apps include Authy, 1Password, LastPass, Duo.
    2. Enable the Time-Based One-Time Password (TOTP) option.
    3. Scan the QR code with your TOTP app. After scanning, the app will display a six-digit code. (If you are unable to scan the QR code, find the Key field under the QR code and manually copy the key into your TOTP app.)
    4. Next, enter the six-digit code into the Authentication Code field and click on Complete Set Up.
    5. TOTP should now be set up as a 2FA option. If you haven’t set up recovery codes, it is highly-recommended to enable this option as well.
Entering the authentication code to enable the TOTP option


  • Security keys

We support USB security keys as a form of two-factor authentication. (A security keys is a physical device that you carry with you and insert into a USB port one the computer you are accessing.) When configured as your primary 2FA option, you will be asked to enter your USB security key during login.

If you have a USB security key, you can register your key as a 2FA option by:

    1. Enabling the Security Keys option.
    2. This will toggle a “Security Keys” section after the 2FA table.
    3. Click on Register New Key and when prompted, insert your USB security key into your device.
    4. Your security key should now be displayed under the Security Keys section. If you haven’t set up recovery codes, it is highly-recommened to enable this option as well.
Configuring your security key
  • Recovery Codes

It is highly-recommended to enable recovery codes if you have configured another 2FA option. This can help you get back into your account if you ever lose access to your other 2FA device(s).

To use this option:

  1. Enable the Recovery Codes option.
  2. Click on Generate New Recovery Codes.
  3. Copy or download the codes when they are displayed. These codes will only be displayed once. If you misplace your recovery codes, you can generate a new set of codes by clicking on the button again.
  4. Click Save Changes.
Generating a new set of recovery codes

 

Password Best Practices