Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Authentication of remote users

From: Dave Mueller <dave () SBCI EDU>
Date: Thu, 3 Jan 2008 12:38:41 -0600
Put them on hold for an hour.  If the person is still on the line after
an hour it's more then likely them!
 
-Dave Mueller
TI Manager
Sitting Bull College
701.854.8003

________________________________

From: Robert Paterson [mailto:rpaterson () SALEMSTATE EDU] 
Sent: Thursday, January 03, 2008 11:44 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Authentication of remote users


How does your bank? Best, Rob
 
Dr. Robert Paterson
Chief Information Officer
Salem State College
Salem MA 01970
robert.paterson () salemstate edu
978-542-6446


On 1/3/2008 at 12:40 PM, in message <477D1E2B.5060100 () jmu edu>, Gary

Flynn <flynngn () JMU EDU> wrote:



Lets say you have a user that:

1) forgot their password
2) forgot their answers to their secret question(s)
3) is traveling making visiting the helpdesk impossible

Lets also say asking for last four digits of SSN is
not allowed.

How do you authenticate the identity of the user and
allow them to change their password?


-- 
Gary Flynn
Security Engineer
James Madison University
www.jmu.edu/computing/security
Previous By Date Next
Previous By Thread Next

Current thread: