Educause Security Discussion mailing list archives
Re: Challenge/response questions?
From: "McCrary, Barbara" <bmccrary () OGSLP ORG>
Date: Fri, 10 Apr 2009 17:48:58 -0500
I like ones like What is your favorite hobby, your favorite sport, your favorite type of music, your favorite ice cream flavor, color etc. Note: This communication and attachments, if any, are intended solely for the use of the addressee hereof. In addition, this information and attachments, if any, may contain information that is confidential, privileged and exempt from disclosure under applicable law. If you are not the intended recipient of this information, you are prohibited from reading, disclosing, reproducing, distributing, disseminating, or otherwise using this information. If you have received this message in error, please promptly notify the sender and immediately, delete this communication from your system. -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Kevin Shalla Sent: Friday, April 10, 2009 3:46 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Challenge/response questions? Something that can be useful to ask is some information on academic data, like Who are all your professors this term? What was your ACT score? Who submitted a letter of recommendation for admission? Of course this depends upon access to this information in some campus database. At 12:57 PM 4/10/2009, Witmer, Robert wrote:
There must be a better way! We have a customized single sign on solution and are looking at self service password resets from a web page. Everything after authentication has been worked out. Currently we are thinking of using challenge/response type questions to verify account ownership. However, either most of the information is available on line (mother's maiden name = genealogy sites) or includes personally identifying information (SSN last 4) that
we don't collect and don't want to use. Anyone have a better idea? If not, anyone have better challenge/response questions? Regards, Bob
Current thread:
- Challenge/response questions? Witmer, Robert (Apr 10)
- <Possible follow-ups>
- Re: Challenge/response questions? Mike Waller (Apr 10)
- Re: Challenge/response questions? Bob Bayn (Apr 10)
- Re: Challenge/response questions? Kevin Shalla (Apr 10)
- Re: Challenge/response questions? McCrary, Barbara (Apr 10)
- Re: Challenge/response questions? j.price (Apr 10)
- Re: Challenge/response questions? Dave Ferguson (Apr 13)
- Re: Challenge/response questions? Schumacher, Adam J (Apr 13)
- Re: Challenge/response questions? Gary Flynn (Apr 14)
- Re: Challenge/response questions? Gary Flynn (Apr 14)
- Re: Challenge/response questions? Gary Flynn (Apr 14)
- Re: Challenge/response questions? Gary Flynn (Apr 14)
- Re: Challenge/response questions? Bob Bayn (Apr 14)
- Re: Challenge/response questions? Gary Flynn (Apr 14)
- Re: Challenge/response questions? Charles Buchholtz (Apr 14)
(Thread continues...)