Educause Security Discussion mailing list archives
Re: Password Management for Students
From: Kenneth Arnold <bkarnold () CBU EDU>
Date: Mon, 13 Oct 2008 10:51:23 -0500
1. The financial auditors mandated that we must expire passwords on a regular basis. We decided to expire them in 120 days so that if a person reset their password at the end of the school year it would not expire until the school year resumed. 2. They can contact the helpdesk and the helpdesk will reset the password for them. They then need to come to the helpdesk to pick up the password information. We also have an on-line password reset that requires them to know three personal pieces of information in the database and the answer to their own question. 3. An automated process sends an email warning at 1 month, 2 weeks and every day starting at 7 days before expiration until the password either expires or the password is changed.
4. We don't use UPortal Joey Rego wrote:
Ladies and Gentlemen,I was hoping someone could lend me some assistance. We are trying to make some changes to our password policy for our students and we were hoping to find out what other institutions are doing. So here are our questions.· How did you decide on the policy?· How are the students resetting the password once it expires? · Are you notifying your students when their password is expiring via an email and is this process automated?· Does anyone responding use UPortal using Active Directory for user authentication and how they are notifying the users that their account is expired or expiring through UPortal?Thanks for your help in advanceJoey Rego Lynn University
-- Brother Kenneth Arnold Director of Network Systems Christian Brothers University Memphis, TN (901) 321-4333
Current thread:
- Password Management for Students Joey Rego (Oct 10)
- <Possible follow-ups>
- Re: Password Management for Students Doug Markiewicz (Oct 13)
- Re: Password Management for Students Kenneth Arnold (Oct 13)