[Koha] Online password reset

Raymund Delahunty r.delahunty at arts.ac.uk
Wed Jan 16 04:24:57 NZDT 2019


Hello Peter-

Passwords and authentication are in my mind right now as the university IT security manager has asked me for an explanation and a risk analysis document after I recently started offering staff "local authentication". I identified a risk where the superlibrarian can be locked out and lose control of the system. I have raised it as a bug. Whether I will be permitted to continue to offer local Koha authentication is still under discussion.

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22063

(I'm not sure if I have raised this bug correctly, as I see the vulnerability as serious and thought my alarm might be shared by others in the community...)

Ray Delahunty
University of the Arts London

-----Original Message-----
From: Koha [mailto:koha-bounces at lists.katipo.co.nz] On Behalf Of Peter Lau
Sent: 14 January 2019 06:00
To: koha at lists.katipo.co.nz
Subject: [Koha] Online password reset

I have checked that under HOME > TOOLS > NOTICES & SLIPS that there’s online password reset set up. However, when I changed my password, I received no notices but I have received other check-in and check-out notices.

Thanks & regards,

*Peter Lau*

Librarian

Tel: (852) 3977 9868 | Email: Peter.Lau at yccece.edu.hk | Fax: (852) 23384320

 [image:
https://docs.google.com/uc?export=download&id=1wiYZQsqhNTJZjyNbLJx-6ODZyoYE5NNu&revid=0BzpPRj4UE0XeT1R2WUt2dnhmTFBBeEpVR3dqcU5QbnF6NVg4PQ]

2 Tin Wan Hill Road, Tin Wan, Aberdeen

*YCCECE, Here We Grow Our Future | *www.yccece.edu.hk _______________________________________________
Koha mailing list  http://koha-community.org Koha at lists.katipo.co.nz https://lists.katipo.co.nz/mailman/listinfo/koha
This email and any attachments are intended solely for the addressee and may contain confidential information. If you are not the intended recipient of this email and/or its attachments you must not take any action based upon them and you must not copy or show them to anyone. Please send the email back to us and immediately and permanently delete it and its attachments. Where this email is unrelated to the business of University of the Arts London or of any of its group companies the opinions expressed in it are the opinions of the sender and do not necessarily constitute those of University of the Arts London (or the relevant group company). Where the sender's signature indicates that the email is sent on behalf of UAL Short Courses Limited the following also applies: UAL Short Courses Limited is a company registered in England and Wales under company number 02361261. Registered Office: University of the Arts London, 272 High Holborn, London WC1V 7EY


More information about the Koha mailing list