Educause Security Discussion mailing list archives

Password change procedures


From: Dennis Levine <dennis_levine () EMERSON EDU>
Date: Fri, 2 May 2014 17:49:01 +0000

Hi Everyone,
  I'm wondering if I could get some feedback as to how you have your school's procedures set up to change a user's 
password. Not when or how long it should be (we already beat that to death in the last thread with the Heartbleed 
bug); I'm talking about whether you have a web-based user self-portal that allows someone to enter name and ID number, answer 
a security question or two to get to a password change screen if they forgot their password. If so, did you get 
pushback because of the security questions that may have been asked, such as "pick an address you may have lived at" or 
"what is your mother's maiden name" etc., and all the wonderful problems that come with FERPA or PII info? Do you do it 
another way?

Thanks,
Dennis Levine

Dennis Levine | Network and Security Administrator | 120 Boylston Street  Boston, MA  02116-4624 | (617) 824-8972 | 
Dennis_Levine () emerson edu | www.emerson.edu

