Information Resources and Technology Procedure

Section Procedure Name Procedure Number
Access Control Account Validation 6.02.01

 

Procedure Purpose

The purpose of this procedure is to ensure that the authorized individual is using a computer account

Policy Supported

Electronic Identity Authentication Policy 6.02

Procedure Description

This procedure is invoked under several circumstances:

  • When a computer account is established for an individual, this procedure is used to validate and activate the account so it can be used. This could take place well before the account user shows up on campus.
  • If we suspect one or more user’s accounts have been compromised, we would invoke this procedure.
  • If an account holder’s password expires and cannot successfully use the web based lost password reset procedure, this procedure is used to validate the account before it can be used again.
  • If an account holder suspects their account has been compromised, they must notify us and re-validate their account.  The Compromised Account Notification Procedure (6.02.02) describes the required process.
  • At the time the Electronic Identity Authentication Policy was approved, BUnetID did not constitute a valid proof of identity. A campus-wide validation is required to ensure compliance with proof of identity requirements.

Procedure Process

  • Computing Services securely transmits information the account user needs to invoke this procedure. The information includes the BUnetID and one-time use secret PIN.
    Secure communication methods are:
    • A letter mailed via USPS to the account holder.
    • Verification of a government-issued picture ID.  Acceptable IDs include state-issued driver license, state-issued ID card, or US government-issued student Visa.
    • Sealed envelope containing printed information given to department secretary for new faculty or staff member.
  • The individual goes to a Web site listed in the notification letter and enters the BUnetID and the one-time use PIN. For faculty or staff an additional requirement is to enter the last four digits of their social security number.
  • The account holder establishes a new password and answers to the password reset questions.

Procedure Scope

The procedure applies to all Bradley University computer and network users.

Procedure Definitions

  • BUnetID – The ID (a.k.a. user name, login, user-id, and account name) used by Bradley to identify all users of network services.
  • One-time use secret PIN – one time password to be used for this procedure.

 

Date Approved Revision 1 Date Revision 2 Date Revision 3 Date Revision 4 Date Revision 5 Date
           

 

maintained by S. Renken