In order to access MIT’s secure Web applications, such as Atlas, Benefits, and WebSIS, or to download software from the software grid, MIT provides community members with personal Web certificates. For continued security, users are required to renew these certificates every year.
Certificates obtained within the past year are set to expire on July 31. To ensure continued access to these secured sites, plan to renew your certificates soon. This renewal process is not automatic and there are some steps you’ll need to take to get new certificates.
What’s new this year?
This year, for enhanced security and user protection, Information Systems and Technology (IS&T) has added Duo Authentication as an optional step in the certificate renewal process. Duo is a two-factor authentication system that leverages landlines, smartphones, and other mobile devices as an additional layer of security.
Faculty, staff, and affiliates will be required to use Duo no later than September 30, but IS&T encourages community members to register for it when renewing certificates. There will be a screen to sign up for Duo at the end of the certificate acquisition process.
Note: Duo enrollment is encouraged, but not yet required, for students.
For more information about Duo, see the memo to the community and the Two-Factor Authentication with Duo resource page.
Step one: Before obtaining your certificates
- If your password is over one year old, you will be prompted to change it during the certificate renewal process. For more information and tips on how to choose a strong password, visit Strong Passwords.
Step two: Obtaining your certificates
- For Safari, Internet Explorer, and Chrome users: Download the updated CertAid app from the IS&T software grid.
- For Firefox users: Install certificates via the Get an MIT Certificate page.
Note that if you use multiple machines and browsers, you will need to obtain a new certificate for each browser on each machine. For more information, see: Certificates at MIT.
Step three: Deleting your expired certificates
- It is recommended that, after installing your new certificates, you delete your expired ones. Failure to do so may cause problems accessing certificate-protected sites. For more information, see: Deleting Expired MIT Personal Certificates.
If you have questions or concerns, send an email to the IS&T Service Desk at email@example.com or call 617-253-1101. You can also send a request online.