Educause Security Discussion mailing list archives

Re: Initial Passwords

From: Gary Dobbins <dobbins () ND EDU>
Date: Wed, 1 Apr 2009 12:51:01 -0400

A good practice is to distribute pre-expired passwords so that the person has to immediately change it by visiting your 
password-change page and select a new password.  This way, their password becomes a secret known only to the 
accountholder.





From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of King, 
Ronald A.
Sent: Wednesday, April 01, 2009 12:47 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Initial Passwords



I would like to inquire as to what other institutions have in place for assigning and distributing passwords for new 
users in a secure manner?



Ronald King

Security Engineer

Norfolk State University

Marie V. McDemmond Center for Applied Research

Suite 401

700 Park Ave.

Norfolk, Virginia  23504

Phone:  757-823-3918

Email: raking () nsu edu<mailto:raking () nsu edu>

http://security.nsu.edu

Current thread:

Initial Passwords King, Ronald A. (Apr 01)
- <Possible follow-ups>
- Re: Initial Passwords Gary Dobbins (Apr 01)
- Re: Initial Passwords King, Ronald A. (Apr 01)
- Re: Initial Passwords Gary Dobbins (Apr 01)
- Re: Initial Passwords Gary Dobbins (Apr 01)
- Re: Initial Passwords King, Ronald A. (Apr 01)
- Re: Initial Passwords Bristol, Gary L. (Apr 01)
- Re: Initial Passwords Dexter Caldwell (Apr 01)
- Re: Initial Passwords Brenda B Gombosky (Apr 01)
- Re: Initial Passwords Schumacher, Adam J (Apr 01)
- Re: Initial Passwords Eric Case (Apr 01)