Project: Password Reset

Project Manager: Rachelle Apgar

Clients/Requesters:

MIT/Stanford survey results – ITSS

ITSS Help Desk

Students, Faculty, Staff who have forgotten their SUNetID password

Purpose

The purpose of the Password Reset project is to allow users to reset their own password anytime of the day or night if they have forgotten it. Currently, this is done via Help Desk. The service is limited to the Help Desk hours. We currently receive approximately 400-600 calls per month and use 42 hours in Help Desk time. This application should significantly reduce this.

Objectives

  • Reduce the number of SUNetID help desk calls on Passwords
  • Provide enhanced 24x7 service for password reset for Campus (increased productivity for those who’ve forgotten password – e.g., they can get back to work sooner)

Deliverables

  • SUNetID pages with password reset feature
  • StanfordYou to set/change personal fact
  • WebAuth/WebLogin links
  • PC & Mac Leland links
  • Updates to web sites indicating where to reset password
  • Update to HelpSU phone and ITSS web sites
  • Communications plan

Scope (High Level Requirements)

  • Provide non-authenticated web based access to end users to reset their password
  • Provide stronger authentication questions (is this users who he/she says he/she is) by implementing a personal fact
  • Provide audit/log capabilities to measure # of password changes, # of failed attempts and three strikes out tracking
  • Provide directed communication Stanford-wide

High Level Tasks

Code, test, install new SUNetID 2.1 pages

Code, test, install new StanfordYou 2.1

Coordinate with TI Operations group to provide WebAuth/WebLogin

Coordinate with TI II group to provide MAC/PC-Leland changes

Coordinate with ITSS to provide web site updates where needed

SSP Meeting

Release Notes

Tech Briefing

Communications Plan

Outside the scope of the group are the following tasks:

  • Login password reset for applications that do not use single signon (SUNetID & Password e.g, Kronos, Meeting Maker, BenefitsSU, etc.)
  • Login password reset for individual school/department sites or any applications which do not use webauth/weblogin or Kerberos authentication.

Timeline and Milestones

Milestone

/

Date

SUNetID pages 2.1 release and internal (ITSS communications) – Phase I / November 16th
StanfordYou 2.1 release and internal (ITSS communications) – Phase II / December 15th
WebAuth/WebLogin / December 15th
PC/Mac Leland – Phase III / TBD
Phone message on 5-Help / By December 15th
Tech Briefing / November 14th
SSP Review / November 14th
Communications Plan – Phase II / December 1st
Project Phase I & II Complete (may not include release of PC/Mac Leland by February 1st) / February 1st

Assumptions & Dependencies

  • Communications plan includes WebAuth/WebLogin and PC/MAC-Leland.

Risks/Contingencies

  • If no resources or commitments to do PC/MAC-Leland are possible will cancel that task. This task impacts end users who don’t apply correct password.
  • WebAuth/WebLogin are not dependencies for the actual feature. This can be release this at a later date if priorities conflict. This task impacts end users who don’t apply correct password in WebAuth/Web applications.
  • Applications are internally released without communications prior to campus-wide notification – no communication dependencies this way
  • Release products at a later date if applications are not ready for release (no dependencies on other releases). Affects status quo Help Desk staff on password reset until products can be released and marketed.

Resources

Craig Jurney

Jennifer Vine

Jeff Mapes

Carol Oliver

Stanford-Password ResetCharter, 10/6/18Page 1 of 3