Secure Password Authentication Project Initiated

The Office of the Vice Provost-Information and Educational Technology is launching a Secure Password Authentication Project. The objective of this project is to continue to improve the security of campus computing systems and to protect access to sensitive information through the widespread use of secure password authentication. To that end, a team has been assembled to assess technical issues, options, and solutions and to develop a plan to guide the implementation of secure password authentication on campus systems. Included in the scope of this policy will be email servers, ftp, telnet, etc. In its first phase, however, the project will focus on the implementation of secure password authentication on email servers. This project has been discussed with various campus groups, including the Technology Infrastructure Forum (TIF) whose request for secure password authentication in January further highlighted the vulnerabilities resulting from the use of clear text passwords over unencrypted connections. (See the TIF's request for secure password authentication). For more information on security issues and resources, see the Security Web site.