Re: Initial Passwords

[Gary Dobbins <dobbins () ND EDU>]

You configure the account that way upon its creation.   In our case, we
use Active Directory and Kerberos, so it's possible for the admin to set
the password's status to expired, and our password-change system
recognizes that and acts accordingly.





From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of King, Ronald A.
Sent: Wednesday, April 01, 2009 1:09 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Initial Passwords



How does one find or get the pre-expired password?



Thanks for the response.



Ronald King

Security Engineer

Norfolk State University

Marie V. McDemmond Center for Applied Research

Suite 401

700 Park Ave.

Norfolk, Virginia  23504

Phone:  757-823-3918

Email: raking () nsu edu

http://security.nsu.edu



From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Gary Dobbins
Sent: Wednesday, April 01, 2009 12:51 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Initial Passwords



A good practice is to distribute pre-expired passwords so that the
person has to immediately change it by visiting your password-change
page and select a new password.  This way, their password becomes a
secret known only to the accountholder.





From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of King, Ronald A.
Sent: Wednesday, April 01, 2009 12:47 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Initial Passwords



I would like to inquire as to what other institutions have in place for
assigning and distributing passwords for new users in a secure manner?



Ronald King

Security Engineer

Norfolk State University

Marie V. McDemmond Center for Applied Research

Suite 401

700 Park Ave.

Norfolk, Virginia  23504

Phone:  757-823-3918

Email: raking () nsu edu

http://security.nsu.edu

Attachment: smime.p7s
Description: