-
Research
and Publications
Current Issue
March/April 2013
EDUCAUSE ReviewPublications
-
Conferences
and Events
Annual Conference
October 15–18, 2013
Save the date!Events for all Levels and Interests
Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.
-
Career
Development
EDUCAUSE Institute
Leadership/Management Programs
Explore MoreCareer Center
Leadership and Management Programs
EDUCAUSE Institute
Advanced Programs
Project Management
Jump Start Your Career Growth
Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.
-
Focus Areas
and InitiativesLatest Topics
EDUCAUSE organizes its efforts around three IT Focus Areas
Join These Programs If Your Focus Is
-
Connect
and ContributeFind Others
Get on the Higher Ed IT Map
Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
-
About
EDUCAUSE
Self service account claiming information
Greetings,
Here at Massachusetts College of Art and Design we’re looking to implement a form of self-service account claiming process. Currently we disseminate initial account information to our users via postal mail with their username and starting password included. We would like to stop sending out mail and instead direct our new users to visit a website enter certain info about themselves to claim their account. We have the capability of pre-populating new users information in our question and answer password reset tool but we are uncertain of what would be the most suitable identifying information to use. Common pieces of info used by other institutions are typically a combination of last 4 digits of SSN, DOB, ID number and name, but we’re wondering what other schools are using and what works best for our higher ed counterparts.
If any of you are using some form of account claiming methodology – what information are you requiring users to provide to validate their identity?
Thanks,
Sam Dolph
Technology
MassArt
Recommend
Comments
Sam,
Our account management system has what we call a “starter kit” which allows students to create their initial accounts. We require that they know their 10 digit university ID, which is included in their admission letter. For employees, the ID is issued by HR.
IU Knowledge Base “How do I get my first computing accounts at IU?” - http://kb.iu.edu/data/achn.html
IT Accounts Starter Kit - https://ams.iu.edu/skit/SkitMain.aspx
Thanks,
Chuck
Chuck Aikman
Manager, Knowledge Management
Indiana University
University Information Technology Services
We too have observed that many schools use SSN, DOB, school ID, etc. in these kinds of systems. However that appears inconsistent with some parts of the U.S. FERPA rules. For example, the following statements can be found in http://www2.ed.gov/legislation/FedRegister/finrule/2008-4/120908a.pdf: "The regulations in § 99.31(c) require educational agencies and institutions to use reasonable methods to identify and authenticate the identity of ... students.... The use of widely available information to authenticate identity, such as the recipient's name, date of birth, SSN or student ID number, is not considered reasonable under the regulations." "We assume that educational agencies and institutions that require users to enter a secret password or PIN to authenticate identity will deliver the password or PIN through the U.S. postal service or in person." Is anyone aware of any other resources that clarify what methods are allowed for authenticating students? Steve Krahn Information Technology Department North Central University sdkrahn@northcentral.edu 612-343-4750 ------------------------------------------------------------------------------------