A question about how to validate a user's request to change a password or unlock their account

From: VanMeter, John (John.VanMeter@ost.dot.gov)
Date: 08/03/01


Message-ID: <23C309FEA282A943AE132127AABBC1E72327C2@ostex001.ad.ost.dot.gov>
From: "VanMeter, John" <John.VanMeter@ost.dot.gov>
To: "SECURITY-BASICS (E-mail)" <SECURITY-BASICS@SECURITYFOCUS.COM>
Subject: A question about how to validate a user's request to change a password or unlock their account
Date: Fri, 3 Aug 2001 06:32:02 -0400 

I would like to ask what everyone thinks about how to validate a user's
request to change his password. Currently a user calls the helpdesk, gives
his username and the helpdesk staff will change the password or unlock an
account. I'm looking for some way to validate the user's identity without
putting undue pressure on anyone.

At work we've talked about requiring the user to come down/up to the
helpdesk, show a photo id then the account could be unlocked or the password
changed.

We've also talked about using a call back system: the user would call and
leave their name with the helpdesk staff, then one of the helpdesk techs
would look up that person's phone number, call them back, and then the account
could be unlocked or the password changed.

Or we talked about using a code word: the user would call and supply a code
word, the helpdesk tech would look up the word in a database, and if the
correct word was supplied the account could be unlocked or the password
changed.

What does everyone think?

Thank You, Take Care and have fun
John van Meter
Win2K System Administrator
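The post weighs three ways of proofing identity before a helpdesk reset: photo ID in person, a callback to a number on record, and a code word looked up in a database. The Python below is an added example and not the poster's or the list's own code; it assumes a small helpdesk tool with a directory of record (constructed users "alice" and "bob", constructed phone numbers) and an assumed policy of locking code-word checks after three consecutive failures. It goes a little beyond the post by putting all three methods behind one decision function with a shared audit trail, and it treats the code word as what it really is, a second password: stored only as a salted hash, compared in constant time, and never shown to the tech.

```python
import hashlib
import hmac
import os
from datetime import datetime, timezone

MAX_FAILURES = 3        # assumed policy: refuse code-word resets after 3 bad guesses
PBKDF2_ROUNDS = 100_000

# Constructed directory of record (hypothetical users). In practice this is the
# HR or directory system; the callback number must never come from the caller.
DIRECTORY = {
    "alice": {"phone": "+1-202-555-0100", "code_salt": None, "code_hash": None},
    "bob":   {"phone": "+1-202-555-0101", "code_salt": None, "code_hash": None},
}
AUDIT_LOG = []   # append-only: who, which method, outcome, when (UTC)
FAILURES = {}    # username -> consecutive failed code-word checks


def _derive(word, salt):
    """Salted PBKDF2 of the code word so a database leak does not leak the words."""
    return hashlib.pbkdf2_hmac("sha256", word.encode("utf-8"), salt, PBKDF2_ROUNDS)


def _log(username, method, outcome):
    AUDIT_LOG.append({"user": username, "method": method, "outcome": outcome,
                      "at": datetime.now(timezone.utc).isoformat()})


def enroll_code_word(username, word):
    """Store only the salted hash; the helpdesk never sees the word itself."""
    salt = os.urandom(16)
    DIRECTORY[username]["code_salt"] = salt
    DIRECTORY[username]["code_hash"] = _derive(word, salt)


def verify_code_word(username, word):
    """Constant-time check with a lockout so the word cannot be guessed by phone."""
    rec = DIRECTORY.get(username)
    if rec is None or rec["code_hash"] is None:
        _log(username, "code_word", "no-enrollment")
        return False
    if FAILURES.get(username, 0) >= MAX_FAILURES:
        _log(username, "code_word", "locked")
        return False
    ok = hmac.compare_digest(_derive(word, rec["code_salt"]), rec["code_hash"])
    if ok:
        FAILURES[username] = 0
    else:
        FAILURES[username] = FAILURES.get(username, 0) + 1
    _log(username, "code_word", "verified" if ok else "failed")
    return ok


def callback_number(username):
    """The number to call back comes from the directory, not from the caller."""
    rec = DIRECTORY.get(username)
    return rec["phone"] if rec else None


def authorize_reset(username, method, evidence=None):
    """Decide whether the tech may unlock or reset. Returns (allowed, reason).

    evidence means: photo_id -> bool, tech saw the ID in person;
                    callback -> the number the tech actually dialled;
                    code_word -> the word the caller supplied.
    """
    if username not in DIRECTORY:
        _log(username, method, "unknown-user")
        return False, "unknown user"
    if method == "photo_id":
        ok = bool(evidence)
        _log(username, method, "verified" if ok else "failed")
        return ok, "photo id checked in person" if ok else "photo id not confirmed"
    if method == "callback":
        ok = evidence == callback_number(username)
        _log(username, method, "verified" if ok else "failed")
        return ok, ("called back on number of record" if ok
                    else "callback number does not match directory")
    if method == "code_word":
        ok = verify_code_word(username, evidence or "")
        return ok, "code word verified" if ok else "code word rejected"
    _log(username, method, "unsupported-method")
    return False, "unsupported method"


if __name__ == "__main__":
    enroll_code_word("alice", "blue giraffe")
    print(authorize_reset("alice", "code_word", "blue giraffe"))
    print(authorize_reset("bob", "callback", "+1-202-555-0101"))
    for entry in AUDIT_LOG:
        print(entry)
```

The audit log is the part most often skipped in a helpdesk process: whichever method is chosen, recording who asked, how they were verified and what the outcome was is what lets you notice a pattern of failed code words or callbacks that did not match the directory.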