|
Hi,
I was wondering if anyone can tell me what the best
practices are for password resetting?
I'm currently auditing our E-mail system &
procedures. I found that a lot of our sales people keep
forgetting their e-mail account passwords and calls the
Administrator directly. The Admin resets
the account and gives the new password over the
phone.
Isn't this a "risky" procedure?
I've recommended calling their supervisors first so
that the burden of verifying the identity of the
caller is put on a more reliable person than the Admin.
The sup informs the Admin, the Admin resets
the account and gives the password to the sup, the sup
then relays the password to his staff.
This recom has met some resistance from the users. What
do you guys think?
Benj
Ortiz |
- RE: [AuditPrograms-L] - Password resetting Ortiz, Benjamin Vincent G.
- RE: [AuditPrograms-L] - Password rese... Mervin Pearce
- Re: [AuditPrograms-L] - Password rese... Sharon Haapala
- RE: [AuditPrograms-L] - Password rese... Michael Nursalim
- RE: [AuditPrograms-L] - Password rese... Mohan, Kalash G (NZ - Auckland)
- RE: [AuditPrograms-L] - Password rese... Mohan, Kalash G (NZ - Auckland)
- RE: [AuditPrograms-L] - Password rese... Kaplan, Jim
