Educause Security Discussion mailing list archives
Re: inital passwords for students
From: "McLaughlin, Bryan S." <bmclaughlin () CREIGHTON EDU>
Date: Fri, 6 Dec 2013 18:37:01 +0000
At Creighton University we have a home grown application that creates a one-time password (OTP) for all new AD accounts. Students receive their OTP from the admissions process, faculty and staff receive their OTP from their hiring manager. All individuals use their OTP and date of birth to setup a security profile (security questions and answers along with an alternate email or text capable number) and then they set their AD password. AD password live for 180 days. The security profile then ties to a password self-service tool that allow users to reset forgotten password through security questions and a verification code that is sent to the alternative email or text device. We never subsequently change a users password if they cannot use the self-service portal (forgot the answers to their security questions, etc.), we instead provide a new OTP (following verification of identity) so a new security profile can be created. We have found the process to work well and password calls to the service desk have declined. Bryan McLaughlin Information Security Officer Creighton University bmclaughlin () creighton edu<mailto:bmclaughlin () creighton edu> 402-280-2386 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Yost, Davis Sent: Friday, December 6, 2013 8:34 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] inital passwords for students Group, Looking for guidance on emailing initial passwords to students, dose anyone do this? What do you use for the initial password? How often do you require students to change there password? Thank you, Davis Yost Associate Director of Security and Networks Northwood University yost () northwood edu<mailto:yost () northwood edu> 989.837.4185 office 989.859.7761 cell
Current thread:
- Re: inital passwords for students, (continued)
- Re: inital passwords for students David Curry (Dec 06)
- Re: inital passwords for students Stevens, Eric J. (Dec 06)
- Re: inital passwords for students David Curry (Dec 06)
- Re: inital passwords for students David Curry (Dec 06)
- Re: inital passwords for students Stevens, Eric J. (Dec 06)
- Re: inital passwords for students Yost, Davis (Dec 06)
- Re: inital passwords for students David Curry (Dec 06)
- Re: inital passwords for students Nick Giacobe (Dec 06)
- Re: inital passwords for students Hugh Burley (Dec 06)
- Re: inital passwords for students Dan Schwartz (Dec 06)
- Re: inital passwords for students Jones, Mark B (Dec 06)
- Re: inital passwords for students Barron Hulver (Dec 06)
- Re: inital passwords for students McLaughlin, Bryan S. (Dec 06)
- Re: inital passwords for students Don Faulkner (Dec 10)