Educause Security Discussion mailing list archives
Re: Student domain password expiration policy
From: Thomas Carter <tcarter () AUSTINCOLLEGE EDU>
Date: Wed, 19 Aug 2015 14:05:20 +0000
While a much smaller institution, we implemented an annual password change for students a year and a half ago. Students are used to having to change passwords and create complex, secure passwords, so we didn’t need to do much communication there. Our primary focus at first was to communicate that the password change was coming. We involved Student Life to communicate through RAs and others, put signs everywhere, sent reminder emails, and placed posters outside the entrance to the cafeteria. It’s also in our IT portion of freshmen orientation. The second issue for communication is password expiration. Since students aren’t frequently logging in to a system that will warn them of impending password expiration, we needed an alternate method. We use ManageEngine’s ADSelfService for students to change their own passwords; it also has the ability to send emails to users if their password is expiring within a specified time. The email message is configurable as well. I’d say it’s gone very smoothly for us; we’re past the initial change as well as the first expiration. Help desk calls have been minimal to non-existent. Faculty and staff password changes on the other hand…. Thomas Carter Network & Operations Manager Austin College From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mitchell Pautz Sent: Tuesday, August 18, 2015 9:54 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Student domain password expiration policy Our institution starting October and each year following will require students to change their domain passwords. Student email is hosted by Google. Our students can reset their passwords through our portal. Has anyone successfully managed a project like this? If so, would you be willing to share what you learned? I would be interested in learning how you managed the technical and communication pieces in partcular. Thanks ahead of time, Mitch Pautz CSU Fullerton 657-278-2544
Current thread:
- Student domain password expiration policy Mitchell Pautz (Aug 18)
- Re: Student domain password expiration policy Thomas Carter (Aug 19)