6.02.01 Electronic Identity Authentication Policy

I. Purpose

The purpose of this procedure is to ensure that the authorized individual is using a computer account.

Policy Supported

Electronic Identity Authentication Policy 6.02

II. Description

This procedure is invoked under several circumstances:

  • When a computer account is established for an individual, this procedure is used to validate and activate the account so it can be used. This could take place well before the account user shows up on campus.
  • If we suspect one or more user’s accounts have been compromised, we would invoke this procedure.
  • If an account holder’s password expires and cannot successfully use the web based lost password reset procedure, this procedure is used to validate the account before it can be used again.
  • If an account holder suspects their account has been compromised, they must notify us and re-validate their account. The Compromised Account Notification Procedure (6.02.02) describes the required process.
  • At the time the Electronic Identity Authentication Policy was approved, BUnetID did not constitute a valid proof of identity. A campus-wide validation is required to ensure compliance with proof of identity requirements.

III. Procedures

Computing Services securely transmits information the account user needs to invoke this procedure. The information includes the BUnetID and one-time use secret PIN.

  • A letter mailed via USPS to the account holder.
  • Verification of a government-issued picture ID. Acceptable IDs include state-issued driver license, state-issued ID card, or US government-issued student Visa.
  • Sealed envelope containing printed information given to department secretary for new faculty or staff member.

The individual goes to a Web site listed in the notification letter and enters the BUnetID and the one-time use PIN. For faculty or staff an additional requirement is to enter the last four digits of their social security number.

The account holder establishes a new password and answers to the password reset questions.

IV. Scope

The procedure applies to all Bradley University computer and network users.

Date Approved      
       
Dates Revised      
       
Dates Reviewed