Educause Security Discussion mailing list archives
Re: Secure communication of passwords
From: Greg Williams <gwillia5 () UCCS EDU>
Date: Thu, 29 Jan 2015 04:29:20 +0000
We use this for temporary secure file transfer. Great software and it is secure. We have around 10% of faculty/staff using it on a regular basis. Best feature is that it really is temporary storage (21 day default) so you don’t run the risk of storage creep. If you want to see how it works, I can just allow you to upload something. Greg Williams, M.E., ISA, GPEN, GCFE Director of Networks and Infrastructure Interim IT Security Manager/Information Security Officer/HIPAA Security Officer University of Colorado Colorado Springs - Department of Information Technology Phone: 719-255-3211 From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mike Osterman Sent: Wednesday, January 28, 2015 3:04 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Secure communication of passwords This also reminds me of Purdue's FileLocker2 project: http://filelocker2.sourceforge.net Disclaimer: I've not tried it, but it looks solid and edu-friendly (CAS and LDAP auth). -Mike On Jan 28, 2015, at 1:56 PM, Shalla, Kevin <kshalla () UIC EDU<mailto:kshalla () UIC EDU>> wrote: We wrote the application Protected Email Attachment Repository for this.. We have a video showing features: https://www.youtube.com/watch?v=7qqXZIgzj2I Kevin Shalla Academic and Enrollment Services University of Illinois at Chicago From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Thomas Carter Sent: Wednesday, January 28, 2015 3:27 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Secure communication of passwords On occasion we need to communicate a password (with a possible username) with a user. This is generally for some external system that doesn’t integrate into existing authentication mechanisms. Per our policy, we can’t send the password via email and it shouldn’t be written down. We generally try to communicate it via a phone call if possible, with a text message to a verified number as a backup. Unfortunately neither of these are convenient, so I wondered what others are using for this task. Thomas Carter Network and Operations Manager Austin College 903-813-2564 <image001.gif>
Current thread:
- Secure communication of passwords Thomas Carter (Jan 28)
- Re: Secure communication of passwords Ric Getter (Jan 28)
- Re: Secure communication of passwords Mike Osterman (Jan 28)
- Re: Secure communication of passwords Shalla, Kevin (Jan 28)
- Re: Secure communication of passwords Mike Osterman (Jan 28)
- Re: Secure communication of passwords Joel L. Rosenblatt (Jan 28)
- Re: Secure communication of passwords Greg Williams (Jan 28)
- Re: Secure communication of passwords King, Ronald A. (Jan 29)
- Re: Secure communication of passwords Tipps, Greg (Greg Tipps) (Jan 28)
- Re: Secure communication of passwords Mike Osterman (Jan 28)
- Re: Secure communication of passwords Jones, Mark B (Jan 28)
- <Possible follow-ups>
- Secure communication of passwords Cochran, Marlowe (Feb 05)
- Re: Secure communication of passwords Thomas Carter (Feb 05)
- Re: Secure communication of passwords Frank Barton (Feb 05)
- Re: Secure communication of passwords Thomas Carter (Feb 05)
- Re: Secure communication of passwords Cam Beasley (Feb 05)
- Re: Secure communication of passwords Ric Getter (Jan 28)