Network UserID Creation/Change
Administration, Architecture/Design, Biometrics, Compliance, CRM, Digital certificates, Disaster Recovery, Identity & Access Management, Management, Policies, provisioning, Risk management, Security management, Security Program Management, Security tokens, Service and support, Single sign-on
Looking for White Papers, Best Practices, Your Practice...on UserIDs
What should a Network UserID look like for strong security? I don't believe it should contain any part of the user's legal name. Agree? So what do you use to create a UserID?
Should a user be able to change their UserID?
Thanks for your input.
Software/Hardware used:
Software/Hardware used:
ASKED:
September 27, 2004 11:46 AM
UPDATED:
September 27, 2004 7:47 PM
Answer Wiki:
Please be nor specific when you say Strong User Id, bacouse if you use Strong one of the best practice is to use Tokens (Hardware).
To see all answers submitted to the Answer Wiki: View Answer History.
I was asked…From: SALOMON
Date Sent: 27 Sep 2004 11:56 EDT (15:56 GMT)
Subject: RE: Network UserID Creation/Change
Please be more specific when you say Strong User Id, bacouse if you use Strong one of the best practice is to use Tokens (Hardware).
Answer: We are currently in a manual creation mode for UserIDs. I’d like to see us go to a token but we may need to take an intermediate step first by manually creating strong IDs. Suggestions?
Try the user company number
One of the option that can be suit your environment is users Employee Number. Also you can add users company id or some alphabet i Employee No. e.g. A123456 where 123456 is user’s Employee No. and is prefixed with letter A which can be company specific.
User should never be able to change uid as that should be consistent across organization.