Re: Email account management for alumni

[Gary Flynn <flynngn () JMU EDU>]

Dave Koontz wrote:

> Given the limited network access rights most students / alumni and other non
> administrative users have in our network, we opted to write our own Web
> Based Password Reset form for these users.  It works similar to some
> high-dollar commerical software. We see this as farily minimal risk, since
> in our environment these user accounts do not have rights to any
> adminstrative software or critical services.
>
> Currently, our password reset form only asks for the students Username,
> college ID Number and the last 4 of their SSN. While there may be some
> opportunity for abuse, worse case scenerio is a hacker compromises an email
> account.
What about folks who want to make things like transcripts
available online?