Re: Initial Passwords

[Eric Case <ecase () EMAIL ARIZONA EDU>]

At 02:41 PM 4/1/2009 -0400, King, Ronald A. wrote:
> Our new users (or their manger) fills out a form requesting accesses
> to different systems based on their function here.  When we get the
> form and all the appropriate signatures, we create the account and
> password.  It usually takes us a day or two at the most.  Our
> policies do not permit us to distribute this via non-secure means
> such as email, and, the user is waiting patiently to be informed,
> but, we are kind of in a catch 22 situation; I can't email the info
> to you so you can access your email to see that I have created your
> account, and waiting for the user to contact us (provided they know
> who to contact) isn't part of our customer service practices.

Why can't you call their manager (or them)?  Or have a web based form
that the user fills out and it creates a disabled account.  Now only
the user know their initial.  The account is disable until you get
the paperwork and enable the account.
-Eric



Eric Case, CISSP  <ecase () Arizona edu>
Information Technology Services Coordinator
Information Security Officer
College of Engineering   <http://www.Engr.Arizona.edu>
1127 E James E. Rogers Way Room 200
Tucson, AZ 85721-0020
Mobile Phone 520-275-6436