Educause Security Discussion mailing list archives
Re: stopping students sharing their login credentials
From: Mike Wiseman <mike.wiseman () UTORONTO CA>
Date: Fri, 23 Jan 2009 11:11:06 -0500
... So, how do we fix this? The best solution I found was to state "you are responsible for whatever activities originate from your userid, computer, id card..." (feel free to include whatever authentication/authorization mechanism you have). This is easily enforceable. Computer and access control logs note the "userid/token" that was used to gain entry. SInce you can identify the owner, that person is responsible for its use.
This is fine for some of the stronger forms of authentication. But I don't think it can be applied to logical access using username/password given desktop vulnerabilities such as keyloggers and human factor vulnerabilities such as sophisticated phishing. Mike Mike Wiseman Computing and Networking Services University of Toronto
Current thread:
- Re: stopping students sharing their login credentials, (continued)
- Re: stopping students sharing their login credentials Jeff Kell (Jan 22)
- Re: stopping students sharing their login credentials Barry Lynam (Jan 22)
- Re: stopping students sharing their login credentials Rizzo, Jim (Jan 22)
- Re: stopping students sharing their login credentials Ray Strubinger (Jan 23)
- Re: stopping students sharing their login credentials Rappaport,Jason (Jan 23)
- Re: stopping students sharing their login credentials Mike Wiseman (Jan 23)
- Re: stopping students sharing their login credentials randy marchany (Jan 23)
- Re: stopping students sharing their login credentials James M. Dutcher - Assoc. VP IS/IT & CIO (Jan 23)
- Re: stopping students sharing their login credentials Christopher Jones (Jan 23)
- Re: stopping students sharing their login credentials randy marchany (Jan 23)
- Re: stopping students sharing their login credentials Mike Wiseman (Jan 23)
- Re: stopping students sharing their login credentials Charlie Reitsma (Jan 23)
- Re: stopping students sharing their login credentials Neil Sindicich (Jan 23)
- Re: stopping students sharing their login credentials Barros, Jacob (Jan 23)
- Re: stopping students sharing their login credentials Basgen, Brian (Jan 23)
- Re: stopping students sharing their login credentials Brad Judy (Jan 23)
- Re: stopping students sharing their login credentials Charlie Reitsma (Jan 23)
- Re: stopping students sharing their login credentials Gary Flynn (Jan 23)
- Re: stopping students sharing their login credentials Valdis Kletnieks (Jan 23)
- Re: stopping students sharing their login credentials Neil Sindicich (Jan 25)
- Re: stopping students sharing their login credentials James M. Dutcher - Assoc of IS/IT & CIO (Jan 25)