Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Authentication of remote users

From: charlie derr <cderr () SIMONS-ROCK EDU>
Date: Thu, 3 Jan 2008 16:09:37 -0500
Chris Vakhordjian wrote:

Does anyone have a formal written policy or procedure they would like to share with everyone?

Thanks,


Chris Vakhordjian
Information Security Officer
UCF Computer Services & Telecommunications
www.infosec.ucf.edu
chrisv () mail ucf edu

<snippage>



Forgive me for injecting what I think ought to be sort of obvious.


It seems to me that having a written policy that's eagerly shared is sort of defeating the purpose (as it ends up 
providing a
blueprint on how to hijack an account if you're an attacker who comes across it).

        ~c
Previous By Date Next
Previous By Thread Next

Current thread: