Educause Security Discussion mailing list archives
Re: Initial Passwords
From: Eric Case <ecase () EMAIL ARIZONA EDU>
Date: Wed, 1 Apr 2009 22:08:50 -0700
At 02:41 PM 4/1/2009 -0400, King, Ronald A. wrote:
Our new users (or their manger) fills out a form requesting accesses to different systems based on their function here. When we get the form and all the appropriate signatures, we create the account and password. It usually takes us a day or two at the most. Our policies do not permit us to distribute this via non-secure means such as email, and, the user is waiting patiently to be informed, but, we are kind of in a catch 22 situation; I can't email the info to you so you can access your email to see that I have created your account, and waiting for the user to contact us (provided they know who to contact) isn't part of our customer service practices.
Why can't you call their manager (or them)? Or have a web based form that the user fills out and it creates a disabled account. Now only the user know their initial. The account is disable until you get the paperwork and enable the account. -Eric Eric Case, CISSP <ecase () Arizona edu> Information Technology Services Coordinator Information Security Officer College of Engineering <http://www.Engr.Arizona.edu> 1127 E James E. Rogers Way Room 200 Tucson, AZ 85721-0020 Mobile Phone 520-275-6436
Current thread:
- Initial Passwords King, Ronald A. (Apr 01)
- <Possible follow-ups>
- Re: Initial Passwords Gary Dobbins (Apr 01)
- Re: Initial Passwords King, Ronald A. (Apr 01)
- Re: Initial Passwords Gary Dobbins (Apr 01)
- Re: Initial Passwords Gary Dobbins (Apr 01)
- Re: Initial Passwords King, Ronald A. (Apr 01)
- Re: Initial Passwords Bristol, Gary L. (Apr 01)
- Re: Initial Passwords Dexter Caldwell (Apr 01)
- Re: Initial Passwords Brenda B Gombosky (Apr 01)
- Re: Initial Passwords Schumacher, Adam J (Apr 01)
- Re: Initial Passwords Eric Case (Apr 01)