SLAC Cardinal Key FAQs

Where do I go to install SLAC Cardinal Key?

• You can install the SLAC Cardinal Key by visiting https://onboard.cloudpath.net/enroll/StanfordUniversity/CardinalKeySLAC/

How do I install SLAC Cardinal Key?

• MAC - Cardinal Key Setup
• Windows - Cardinal Key Setup

Why does my SLAC Cardinal Key stop working after two days?

• There is a two-day grace period after the initial installation of the SLAC Cardinal Key. Once the grace period expires, SLAC Cardinal Key will become unusable until the compliance is addressed.

I have SLAC Cardinal Key on my device.  Why am I still being prompted for two-factor authentication?

• Cardinal Key replaces the need to provide your SUNet ID and password (first-factor). Depending on the system, the frequency may vary, but a second authentication credential (two-factor) is still required by policy.

What sites are currently using SLAC Cardinal Key?

• Currently, all Stanford University application that support Single-Sign-On (SSO) recognizes the SLAC Cardinal Key. Since SUNetID SSO is standard at Stanford by policy, it is the enterprise wide authentication method to over 2,600+ university applications.

How does Cardinal Key protect my computer?

•  Cardinal Key ensures that devices meet SLAC cybersecurity requirements. 
  
  • The device must be owned by SLAC and have the correct information in the Property Control database regarding custodian, location, etc.
  • SLAC IT must actively manage the device
  • The device must be running a current, supported version of its operating system
  • Disk encryption is required
  • Crowdstrike must be installed and active

Why does my SLAC Cardinal Key work in Chrome but not in Firefox?

• How to enable Cardinal Key for Firefox Version 72 or Greater on Windows 10
• How to enable Cardinal Key for Firefox Version 75+ on macOS

Why did my SLAC Cardinal Key stop working in Firefox?

• Make sure Firefox doesn't have the following authentication decision saved:
  
  • Open the Firefox Preferences by navigating to Firefox> Preferences > Privacy & Security > View Certificates > Authentication Decisions.
  • In the "These certificates are used to identify you to websites" window, select the line that shows login.stanford.edu and Send no client certificate.
  • Click Delete.
  • Click OK.

Can I install SLAC Cardinal Key on a shared device?

• Shared and virtual machines are not supported

Can I install SLAC Cardinal Key on Android and iOS devices?

• iOS support is under development. Android and Linux support will come in future rollouts.

Can I install SLAC Cardinal Key on a personal device?

• Machines that are not centrally managed are not supported.

How do I uninstall Cardinal Key on a Windows device?

• Please see KB0012010 for instructions.