 |
 |
At 09:39 AM 1/23/2006, m. kolb wrote: >On Jan 23, 2006, at 9:23 AM, Steve Plemmons wrote: > >>When Pilot first started, I was given a stack of PIN notifications >>for all >>of the faculty/staff in my department. I have kept that stack all >>these >>years and it has come in very handy when people had forgotten their >>passwords. >> >>I'm wondering if it would be possible for an interface to be setup >>whereby >>an administrator from each department would have access to PIN's >>for the >>members of their departments or simply the ability to reset >>passwords for >>their users. This would decrease overhead for the CL and make some >>forgetful people very happy. > >While I understand where you're coming from, this seems to be a >security risk. The more exposure we allow to PINs, the less secure >they are, by definition. I will bring this up at our next meeting, >but I believe this will concept be summarily rejected. Aren't there some privacy issues that are just as important? The university would be accepting responsibility for the behavior of these department administrators, and it might be a big deal to make sure the responsibilities and obligations of that relationship are understood, assented to, and honored. There is also the problem with the definition of "their." It isn't always clear who "their users" are. Some users belong to more than one department. John Gorentz