Educause Security Discussion mailing list archives

Re: Back on topic.... Re: [SECURITY] University credentials used by third parties

From: Jesse Thompson <jesse.thompson () DOIT WISC EDU>
Date: Wed, 25 Aug 2010 13:27:09 -0500

On 08/25/2010 10:55 AM, Mike Porter wrote:

What was the violation?


The obvious, unless you consider double standards a violation.

The problem that users woud need to store a password, likely the regular one, at gmail in order to use imap?


right.

We ended up with a convoluted system to avoid some of those issues.

Care to elaborate? I presume that the only solution to this problem isto require token-passwords for IMAP in lieu of the real passwords.


Jesse

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Current thread:

Re: Back on topic.... Re: [SECURITY] University credentials used by third parties, (continued)
- - - Re: Back on topic.... Re: [SECURITY] University credentials used by third parties David L. Wasley (Aug 24)
    - Re: Back on topic.... Re: [SECURITY] Universitycredentials used by third parties David Gillett (Aug 24)
    - Re: Back on topic.... Re: [SECURITY] University credentials used by third parties Jesse Thompson (Aug 25)
    - Re: Back on topic.... Re: [SECURITY] University credentials used by third parties Mike Porter (Aug 25)
    - Re: Back on topic.... Re: [SECURITY] Universitycredentials used by third parties David Gillett (Aug 25)
    - Re: Back on topic.... Re: [SECURITY] Universitycredentials used by third parties Semmens, Theresa (Aug 25)
    - Re: Back on topic.... Re: [SECURITY] Universitycredentials used by third parties Eric Case (Aug 25)
    - Re: Back on topic.... Re: [SECURITY] Universitycredentials used by third parties Adam Carlson (Aug 25)
    - Experience with EPO and endpoint encryption David Grisham (Aug 25)
    - Re: Experience with EPO and endpoint encryption Gibson, Nathan J. (HSC) (Aug 25)
    - Re: Back on topic.... Re: [SECURITY] University credentials used by third parties Jesse Thompson (Aug 25)
    - Re: Back on topic.... Re: [SECURITY] University credentials used by third parties Mike Porter (Aug 25)
    - Re: Back on topic.... Re: [SECURITY] University credentials used by third parties Darren Fallis (Aug 24)
- Re: University credentials used by third parties Guy Pace (Aug 17)
  - Re: University credentials used by third parties Greg Schaffer (Aug 17)
- Re: University credentials used by third parties Adam Carlson (Aug 17)
  - Re: University credentials used by third parties Flynn, Gary - flynngn (Aug 17)
- Re: University credentials used by third parties Martin Manjak (Aug 18)
  - Re: University credentials used by third parties Paul Kendall (Aug 18)
    - Re: University credentials used by third parties Bradley, Stephen W. Mr. (Aug 18)
    - Re: University credentials used by third parties Bristol, Gary L. (Aug 18)

(Thread continues...)