Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Authentication of remote users

From: Andrea Beesing <amb3 () CORNELL EDU>
Date: Thu, 3 Jan 2008 14:01:29 -0500
Gary,

We would ask the person to fax a copy of the Cornell ID card or
government-issued ID such as driver's license or passport to our Help
Desk. We would then mail a new one-time activation code to the
individual. We will use fedex in cases where delivery time for US mail
would be a big problem.

--Andrea

Gary Flynn wrote:



Lets say you have a user that:

1) forgot their password
2) forgot their answers to their secret question(s)
3) is traveling making visiting the helpdesk impossible

Lets also say asking for last four digits of SSN is
not allowed.

How do you authenticate the identity of the user and
allow them to change their password?




--


Andrea Beesing
Asst Dir, IT Security
Cornell Information Technologies
120 Maple Ave.
Ithaca, NY   14853
607 254-7441
Previous By Date Next
Previous By Thread Next

Current thread: