Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: 3rd party account creations or lost passwords (ex: Hobson Common Application)

From: "Biddle, Rob" <Rob_Biddle () MAIL MSJ EDU>
Date: Wed, 8 Sep 2010 15:06:53 -0400
Our procedure (Still no de facto policy & no email encryption implemented) is to simply not do it.  For now, we use 
snail mail to send initial passwords to new students.

_____________________________
Rob Biddle
Network Systems Engineer / Administrator
College of Mount St. Joseph

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Plesco, 
Todd
Sent: Wednesday, September 08, 2010 12:41 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] 3rd party account creations or lost passwords (ex: Hobson Common Application)

We're currently engaged in a discussion regarding 3rd party applications are configured by default, after a student has 
created an account, to send a follow-up email containing login credentials.
Do you allow (i.e. have guidance/policy/alternatives) for applications which send login/password information to end 
users via e-mail?

Thanks
Todd A. Plesco  CISM, CBCP
Chapman University, Director of Information Security
One University Drive, Orange, CA 92866
Phone: (714) 744-7979/Fax: (714) 744-7041
Previous By Date Next
Previous By Thread Next

Current thread: