Acceptable Use Policy

Virginia Tech Login is covered by the University Acceptable Use Policy.

In simple terms Login is a University authentication system that shall be used to access services to which you are rightly entitled using credentials belonging to you. Any other use is prohibited.

Privacy Policy

The privacy policy consists of the following aspects covered in following sections:

In general Login takes a conservative approach to privacy and collects as little data as needed to fulfill the purpose of the application and we disclose very little data about you unless you explicitly tell us otherwise.

Recorded Information

Login records client IP addresses, usernames, and accessed services in order to provide an audit trail in support of fraud, abuse, and other security investigations conducted by authorized University personnel. Recorded data may also be used for diagnostic and troubleshooting purposes. Recorded data (logs) are preserved for at least 30 days.

Disclosure of Personal Information

The data recorded by Login may be shared internally as needed for operational and investigative purposes. Data is not disclosed to third parties except under force of law.

External Services

An external service is any system other than Login. In particular Login supports authentication with both University and third-party services. While the privacy practices of all University services are similar, the details may vary with each particular service. Consult the privacy statement on each Univeristy site for further information.

The privacy practices of third-party services vary and are the responsibility of the service provider. Please consult the privacy page of each service for more information.

Cookies

Login uses a session cookie to track authenticated state exclusively if session cookies are supported on the client browser. Login supports a cookie-less mode that provides a degraded user experience, but it is still fully functional when cookies are disabled.

Security Practices

Login is deployed and managed according to best practices with regard to security and availability. In particular, sensitive information is transmitted using strong encryption. Additionally, Login does not store sensitive information such as user passwords.