Password Change issues

John Stauffacher stauffacher at
Tue Jul 1 22:53:35 GMT 2003



What sort of systems are people employing to do automated or semi-automated
password changes. With FERPA/HIPPA and some other laws (in CA mostly) the
data used to verify identity is slim to none. What sort of systems do other
Universities use to a. verify identity b. reset a password c. maintain a
secure password environment (rotations every 30 days etc)? What are some
procedures for a lost password, or a user who claims they never got issued a
password or username? When do you decide whether human intervention is
needed or whether an automated system is sufficient enough?


Just some questions I am working on for a new project, I welcome any






John Stauffacher

Network Administrator

Chapman University

stauffacher at


"I ran out of sick days, so I called in dead" 


"The man who does not read good books has no advantage over the man who
cannot read them." -Mark Twain  (1835-1910)

"It is from numberless diverse acts of courage and belief that human history
is shaped. Each time a man stands up for an ideal, or acts to improve the
lot of others, or strikes out against injustice, he sends forth a tiny
ripple of hope, and crossing each other from a million different centers of
energy and daring those ripples build a current which can weep down the
mightiest walls of oppression and injustice." - Robert F Kennedy

Pursuant to 47 USC, unsolicited e-mail sent to any of my addresses is
subject to an archival fee of not less than $500 U.S. per copy. E-mail
received after any receipt of this notice implies acceptance of these terms.
A copy of the specific law regarding this activity may be found at


More information about the unisog mailing list