Single sign on

• Previous message: Mr Babak Memari: "Re: Adware, spyware, and trojans"
• Next in thread: Sarbjit Singh Gill: "RE: Single sign on"
• Reply: Sarbjit Singh Gill: "RE: Single sign on"
• Maybe reply: Vachon, Scott: "RE: Single sign on"
• Reply: Colleen Nelson: "RE: Single sign on"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Niall O Malley (LMI)" <Niall.OMalley@eei.ericsson.se>
To: security-basics@lists.securityfocus.com
Date: Mon, 9 Dec 2002 09:54:42 +0100 

Does anyone have any good links for a single sign on solution. Any material would also be appreciated.

regards

Niall

-----Original Message-----
From: Robert Sieber [mailto:rsieber@web.de]
Sent: Friday, December 06, 2002 6:51 AM
To: security-basics@lists.securityfocus.com
Subject: Re: RE: How to authentificate an user via telephon?

Darryl,

the Programm PasswordStation sounds really great - if the costumer have a single sign on it would be the best solution!

Robert

"Darryl W. Malcolm" <DMalcolm@acuent.com> schrieb am 05.12.02 23:26:23:
> Avatier has a product which would allow users to reset their own passwords
>
> -----Original Message-----
> From: Robert Sieber [mailto:rsieber@web.de]
> Sent: Wednesday, December 04, 2002 1:51 PM
> To: security-basics@lists.securityfocus.com
> Subject: AW: How to authentificate an user via telephon?
>
>
> Thanks for all replies!
>
> For me it ist a very hard question because I don't
> know where all of the up to 20.000 clients are
> located - there are also RAS users with tokens
> ode PKI chipcards. The other problem is that all
> clients are employed by bank institutes and so
> passwords are more critical than in other cases
>
> I thought about th following procedurs:
>
> - help desk has two telephone numbers
> - the client will get a call back from help
> desk
>
> Well, lets see.
>
> Robert
>
> > -----Ursprungliche Nachricht-----
> > Von: bsm14096@ad.creighton.edu [mailto:bsm14096@ad.creighton.edu]
> > Gesendet: Mittwoch, 4. Dezember 2002 18:43
> > An: Robert Sieber; security-basics@lists.securityfocus.com
> > Betreff: RE: How to authentificate an user via telephon?
> >
> >
> > Robert,
> >
> > In a past life we would send the new password to a known email address
> > for the person whose account is reset. If email is not available we
> > would leave the reset password on the users voice mail. Both systems
> > would only be accessible by the person whose account is reset. If
> > someone other than the owner of the account requests a reset, the
> > account is still safe, assuming email and vmail are secure.
> >
> > Bryan
> >
> > -----Original Message-----
> > From: Robert Sieber [mailto:rsieber@web.de]
> > Sent: Tuesday, December 03, 2002 12:50 PM
> > To: security-basics@lists.securityfocus.com
> > Subject: How to authentificate an user via telephon?
> >
> > Hello colleauges,
> >
> > imaging the following situation:
> >
> > User calls the helpdesk to reset/alter some kind
> > of account-password (NT, RAS, PKI-PIN ...) and you
> > has to determin wheter the user is the correct
> > (owner of the account) user. What would you do
> > to authentificate the users identity?
> >
> > What are good methodes to do this? It should be
> > easy for the user but secure for the administration.
> >
> >
> > Robert
> >
> > --
> > http://board.protecus.de - Firewalls, Security and more ...
> >
> >
> >
> >
> >

______________________________________________________________________________
Wie ware das: mehrere E-Mail Adressen - aber nur ein Postfach ?
Kein Problem mit WEB.DE FreeMail - http://freemail.web.de/features/?mc=021127

• Next message: Shanon: "Re: Adware, spyware, and trojans"
• Previous message: Mr Babak Memari: "Re: Adware, spyware, and trojans"
• Next in thread: Sarbjit Singh Gill: "RE: Single sign on"
• Reply: Sarbjit Singh Gill: "RE: Single sign on"
• Maybe reply: Vachon, Scott: "RE: Single sign on"
• Reply: Colleen Nelson: "RE: Single sign on"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]