Chronicle of Higher Education incident reminds us of DUO Everywhere's importance

August 6, 2020

Yale often receives notifications of security incidents involving non-Yale websites. These incidents can expose the username and password you use to login to non-Yale sites. For that reason, it is important not to use your Yale password for non-Yale systems. Sometimes we forget or are not sure if we used our Yale password elsewhere. Read more to learn how to better protect your Yale NetID when an incident like this occurs. We encourage Distributed Support Providers (DSPs) and our IT Partners to share this information with their clients.

Recently there was a security incident on the Chronicle of Higher Education website. Yale offers free Chronicle of Higher Education accounts to our community members. The incident may have exposed Chronicle of Higher Education email addresses and passwords.

These incidents remind us of the importance of having Multifactor Authentication (MFA). Having MFA active on your Yale credentials can protect you in incidents such as these. Enroll in Duo Everywhere to protect your Yale NetID and password no matter where you are. Duo Everywhere increases security while decreasing the amount of MFA prompts you experience.

The Chronicle for Higher Education has informed affected individuals with @yale.edu accounts. Those account passwords are no longer valid. If you received this notice, you will need to set a new password the next time you visit the site.

To protect your Yale credentials:

  • Do not use your Yale NetID password for any other applications or sites.
  • Enroll in Duo Everywhere for added protection. Duo Everywhere extends multifactor authentication (MFA) to both on-campus and off-campus logins, including email.
  • Create complex passwords or passphrases that include letters, numbers, and symbols. See Yale’s new and improved password security for more details.