Educause Security Discussion mailing list archives
Re: inital passwords for students
From: Nick Giacobe <nxg13 () PSU EDU>
Date: Fri, 6 Dec 2013 11:24:17 -0500
Our University requires that students do the following to get their first password: Resident Students This is accomplished during "New Student Orientation". Students are taken to a "signature station" - generally in our public computing labs on one of our campuses - to complete an account initiation process. They authenticate using their university-provided mag-stripe ID card. At that point, they are required to agree to specific university policies related to computing, etc. Then, they can select their own password - as long as it complies with the password complexity rules. Online Students These students receive their first password via U.S. Mail during their registration process. They are required to change it on first login. It is a random string of characters - upper/lower/number/symbol. Passwords are required to be changed every 12 months. However, if a password is 11 months old, the user is forced to change it if they log in to our single-signon service. Some services that don't use our SSO (a POP3 or IMAP email client, for example) don't have the hooks to launch the password reset website, so we don't force the password to be changed between the 11th and 12th month time periods if only those services are being used. Accounts with passwords over 12 months are locked out and require a physical visit to one of our helpdesk locations. Our online students have a telephone helpdesk that handles password resets, but everyone else is required to be physically present with a University ID card to get a password reset. --- Nicklaus A. Giacobe, Ph.D. Research Associate and Lecturer Phone: 814-865-8233 College of Information Sciences and Technology Penn State University 101 Information Sciences and Technology Building University Park, PA 16802 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Yost, Davis Sent: Friday, December 06, 2013 9:34 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] inital passwords for students Group, Looking for guidance on emailing initial passwords to students, dose anyone do this? What do you use for the initial password? How often do you require students to change there password? Thank you, Davis Yost Associate Director of Security and Networks Northwood University <mailto:yost () northwood edu> yost () northwood edu 989.837.4185 office 989.859.7761 cell
Current thread:
- inital passwords for students Yost, Davis (Dec 06)
- Re: inital passwords for students Joel L. Rosenblatt (Dec 06)
- Re: inital passwords for students David Curry (Dec 06)
- Re: inital passwords for students Stevens, Eric J. (Dec 06)
- Re: inital passwords for students David Curry (Dec 06)
- Re: inital passwords for students David Curry (Dec 06)
- Re: inital passwords for students Stevens, Eric J. (Dec 06)
- Re: inital passwords for students Yost, Davis (Dec 06)
- Re: inital passwords for students Nick Giacobe (Dec 06)
- Re: inital passwords for students Hugh Burley (Dec 06)
- Re: inital passwords for students Dan Schwartz (Dec 06)
- Re: inital passwords for students Jones, Mark B (Dec 06)
- Re: inital passwords for students Barron Hulver (Dec 06)
- Re: inital passwords for students McLaughlin, Bryan S. (Dec 06)
- Re: inital passwords for students Don Faulkner (Dec 10)