tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Goehring, Chuck Mr., RCI - San Diego" <cgoehr...@resourceconsultants.com>
Subject RE: How to hand in the passwords to 3000 users [urgent!]
Date Fri, 11 Apr 2003 00:02:14 GMT
Nancy,

I think you might be exposing yourself to legal problems if you don't do a password exchange
in person.  Accidentally letting someone into somebody else's grade info could be dangerous.
 If you have time, you could have the school send id/passwords out in a snail-mail letter
or add system generated password (properly labeled with warnings and disclaimers) in the normal
correspondence like grade report or ???.

Chuck

-----Original Message-----
From: Nancy Crisostomo Martinez [mailto:nancycm@correo.uqroo.mx]
Sent: Wednesday, April 02, 2003 7:51 AM
To: Tomcat Users List
Subject: Re: How to hand in the passwords to 3000 users [urgent!]


Hi !,
My application is some kind of schoolar system. In it the students could find all their schoolar
information by their own. You know, grades, schedules, finantial information, etc.. So  the
user id is given by their student id... so that is clear... but the problem begin because
we need to give their passwords to enter to the site.... We don't want to give a general password
for all, because some 'bad' friends of some
students could know his/her student id and enter to the site with the general password and
do some 'changes'...
We need some help to find the most secure way to hand in or to let the users know their password
to enter to the site. But we don't have their e-mails.

Thanks!

"Goehring, Chuck Mr., RCI - San Diego" wrote:

> Nancy,
>
> Hope I understood you problem correctly.  It might be worth doing a signup application,
then advertise it through the management chain of command with a url and instructions.  Have
the app capture the information to a text file or database.  Get the email, username and password
that way.  I think I'd also put password change & mailback capabilities in the app so
you don't have to change passwords for users all the time.
>
> Chuck
>
> -----Original Message-----
> From: Nancy Crisostomo Martinez [mailto:nancycm@correo.uqroo.mx]
> Sent: Tuesday, April 01, 2003 12:55 PM
> To: Tomcat Users List
> Subject: How to hand in the passwords to 3000 users [urgent!]
>
> Hi all!
>
> I'm trying to entablish the best way to hand in their own user_id and
> password to the 3000 users of an applicattion developed to Internet.
>
> I don't know which could be the best way to do this without forgetting
> the security because each user has some confidential information in
> his/her session.
>
> Could you please help me?
> Any clue could help me!
> Thanks in advance!
>
> Nancy.
>
> ps. I don't have their e-mails so, descart the email way.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message