Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: New student username/password

From: Stephen John Smoogen <smooge () UNM EDU>
Date: Wed, 9 Apr 2008 11:51:56 -0600
Aaron Cayard-Roberts wrote:

Hello,

For years we've had students wait until they are on campus and have
attended a tech session before we give them their username and password.
 We've been under a lot of pressure to change this so that the students
will be able to access campus services over the summer which require a
username and password.

I'm wondering how other institutions are handling this situation in a
secure way.

Thanks,
Aaron




The ways I have seen it: [I can not recommend any of these.. they all
have big downfalls]

Send them an email with the account and a URL that allows them to change
it by filling in information that only the university and them would
know (supposedly).

Have them call in and ask for their address etc that is on public record
for us to verify. Give them a account/password that must be changed on
first login, and direct them to the website to do so.

Send them a username/password in seperate snail mails. Have them go to
site that asks them to change it.

One of the above, but allow the account only limited access until they
can come in physically to verify things. This usually causes more
headaches because the sensitive things that are limited are things a new
or returning student might want to see or change.


--
Stephen Smoogen -- ITS/Linux Administrator
  MSC02 1520 1 University of New Mexico Albuquerque, NM  87131-0001
  Phone: (505) 277-8219  Email: smooge () unm edu
 How far that little candle throws his beams! So shines a good deed
 in a naughty world. = Shakespeare. "The Merchant of Venice"
Previous By Date Next
Previous By Thread Next

Current thread: