skip to main content

Identity Services

NetID Identity Management

NetID Account Usage

A NetID account is required for access to most Texas A&M University information systems. A NetID account allows the account holder to authenticate (verify their identity by entering the correct NetID Credential, i.e. I am who I say I am.) on any application using CAS or the NetID AD DS password service. Whether or not a person is authorized to use the resource they are trying to access with their NetID Credential is determined by the application separate from the authentication process.

InCommon Participant logo

Texas A&M University's membership in InCommon provides Texas A&M NetID account holders with the ability to use their NetID Credential to authenticate to participating higher education and federal government online services.

NetID Account Eligibility

There are two categories of people eligible for a Texas A&M NetID account.

Personnel affiliated with the university through employment, enrollment, or some other pre-existing relationship

Texas A&M NetID accounts are available to:

  • Employees:
    • employees of The Texas A&M University System
    • non-System Texas A&M University Qatar campus employees
    • non-System Texas A&M Mexico Office employees
    • non-System Texas A&M Soltis Center employees
  • Faculty:
    • Positional faculty employed by The Texas A&M University System
    • Official faculty recognized by Dean of Faculties and eligible to participate in Faculty Senate
    • Graduate adjunct faculty registered with Office of Graduate Studies
    • Adjunct faculty affiliated with any Texas A&M University System department
    • Clinical faculty affiliated with any Texas A&M University System department
  • Students
    • applicants to Texas A&M University current and/or future semesters
    • Texas A&M University admits for current and future semesters
    • Texas A&M University students enrolled in past, current, or future semester courses
    • Texas A&M College of Veterinary Medicine clinical trainees
    • Texas A&M Health Science Center residents
    • continuing education or certificate program students
  • Affiliates
    • Employees of organizations located on Texas A&M campuses:
      • Texas A&M Foundation
      • The Association of Former Students
      • 12th Man Foundation
      • Office of the Commandant: US Department of Defense personnel stationed on campus
      • USDA-ARS Southern Plains Agricultural Research Center
      • US Department of Veterans Affairs personnel stationed on campus
      • FUJIFILM Diosynth Biotechnologies (formerly Kalon Biotherapeutics, LLC)
    • Employees of commercial businesses contracted to provide services on Texas A&M campuses:
      • Barnes & Noble campus bookstore personnel
      • Compass Group, USA personnel stationed on campus
      • Astin Limited personnel stationed at Easterwood airport
      • Columbia Advisory Group personnel supporting various member institutions
    • Members or participants in select campus programs and groups:
      • Board of Regents
      • Aerospace Advisory Board
      • Institute of Nautical Archaeology
      • Texas A&M Medical Library partner institution librarians
      • Mays Business School special programs participants
    • Visiting scholars
  • Retirees:
    • all retirees of The Texas A&M University System

With the exception of those who have been Texas A&M University enrolled students, a Texas A&M NetID account becomes eligible for deletion when the account holder is no longer affiliated with any Registration Authority.

A student retains his or her NetID account for 2 years post-enrollment. After this grace period expires, the NetID account is deleted. The student then is eligible to set up a limited-duration NetID account they can use to order and pay for transcripts.

Personnel sponsored by a university employee or student

A sponsored NetID account is an account created for a guest or visitor who requires temporary access to the campus network in support of legitimate University work. Accounts can be sponsored by Texas A&M organizational units or by individuals with an active affiliation.

Account sponsors have certain responsibilities. They have to identify and justify the business reason for the account and they must also communicate to the guest the University's rules on appropriate use.

The initial deployment of this account category has been to provide parent access to Texas A&M University services.

Sponsored accounts have an account expiration date set when the account is requested. The NetID account expires on that date. The account will also expire if the account sponsor leaves the university.

Requesting a NetID Account

Departments can request NetID accounts for visiting scholars or visiting student interns for stays of at least one month.

The visiting person's supervisor, sponsor or the HR representative for the sponsoring department should fill out and submit the NetID Account Request Form.

The Identity Management Office will establish an account and respond to the specified contact, who passes the information onto the individual. The individual can then activate their NetID account at gateway.tamu.edu.

NetID Account Lifecycle

Management of a NetID account differs based on the type of affiliation the account holder has with the university. The following documents provide details of management processes for the various university populations.

NetID Credential Suite - A Look at the Future

The current NetID Credentials offered by Texas A&M University are being expanded to support NetID Credentials that meet stricter security requirements. The expanded set of NetID Credential offerings will be:

NetID Credential and the resources they allow an account holder to access
  Former Student NetID Guest NetID Standard NetID Bronze Assured NetID Silver Assured NetID
Access to Texas A&M on-line services
Yes
Yes
Yes
Yes
Yes
Access to Higher Ed on-line services    
Yes
Yes
Yes
Access to Federal Government LOA 1 on-line services      
Yes
Yes
Access to Federal Government LOA 2 on-line services        
Yes
  • The Former Student NetID is a minimal access account provided to former students once they are no longer eligible for a Standard NetID. The account can be used by the former student indefinitely to request transcripts.
  • The Guest NetID is a minimal access account provided to parents and guests. The account can be used by the parent or guest to access delegated resources.
  • The Standard NetID is the default account provided to personnel at Texas A&M University.
  • The Bronze Assured NetID will meet InCommon Bronze Identity Assurance criteria.
  • The Silver Assured NetID will meet InCommon Silver Identity Assurance criteria.
  • Access to Federal Government Level of Assurance (LOA) 1 and 2 on-line services is enabled through Texas A&M University's membership in the InCommon Federation (www.incommonfederation.org).

The enhanced functionality provided by a Bronze Assured or Silver Assured NetID Credential requires the Subject to comply with increasingly strict identity management practices. This document summarizes the management practices for the different NetID Credential offerings.

Definitions

Address of Record: A means of contacting the Subject. In addition to a residential/mailing address, InCommon considers an email address, a telephone number (fixed or mobile), or other similar mechanisms by which the Subject can receive communications valid as addresses of record.

Assurance: The degree of confidence in the vetting process used to establish the identity of the Subject to whom the Credential was issued, and the degree of confidence that the individual who uses the Credential is the Subject to whom the Credential was issued. The US government uses the four assurance levels defined in OMB-04-04 to express the degree of confidence:

  • Level 1: Little or no confidence in the asserted identity's validity
  • Level 2: Some confidence in the asserted identity's validity
  • Level 3: High confidence in the asserted identity's validity
  • Level 4: Very high confidence in the asserted identity's validity

Authentication: The security measure by which a person transmits and validates his or her association with an electronic identifier. An example of authentication is submitting a password that is associated with a user account name.

Authentication Secret: The private portion of a Credential known or controlled solely by the Subject to whom the Credential was issued.

Bronze Assurance: The InCommon Bronze Assurance level is comparable to OMB-04-04 Level of Assurance 1.

Credential: A unique identifier and associated authentication material used by the Subject in the authentication process.

Credential Binding: Verifying the Subject is in control of the Subject's NetID Credentials.

Enrollment: Creating a record of the Subject's identifying information in the Identity Management System.

Identity: The set of information that pertains to a Subject. This information is used to uniquely identify the Subject and communicate with the Subject. It may also include memberships, roles and eligibility.

Identity Agent: A Texas A&M University employee authorized and trained to assist campus Subjects affiliated with Texas A&M University to create and/or upgrade their personal NetID accounts.

Identity Assertion: A structure data object containing information about the authenticating Subject and other data useful for authentication and access. The Assertion is digitally signed by the issuer.

Identity Authentication Assurance: An application or service's degree of certainty that the Credential used to authenticate is being used by the Subject associated with the Credential.

Identity Management System (IdMS): A system that fulfills enterprise identity and access management needs. It maintains a database of Subjects with information about people gathered from Registration Authorities and a store to house Subject Credentials and is responsible for properly merging identity data, determining group memberships, provisioning resources, and managing Subject NetID accounts and Credentials.

Identity Proofing: Checking the validity of identity documents and ensuring they apply to the Subject.

Identity Provider: The system component that issues Identity Assertions on behalf of Subjects who use them to access services. Texas A&M uses Shibboleth.

Multi-factor: A characteristic of an authentication system or a token that uses more than one authentication factor. The three types of authentication factors are something you know (password, PIN); something you have (OTP generator, smart card); and something you are (keyboard typing rhythm, fingerprint, voice).

NetID: The Texas A&M University campus login account identifier.

Registration: Creating a record of the Subject's identifying information in the Registration Authority.

Registration Authority: A Texas A&M business unit that conducts Subject registration.

Silver Assurance: The InCommon Silver Assurance level is comparable to OMB-04-04 Level of Assurance 2.

Subject: A physical person.

Universal Identification Number (UIN): The unique identifier assigned to personnel in The Texas A&M University System. As part of the registration process, all Texas A&M Registration Authorities obtain a UIN for the Subject from the UIN System, the Person Registry for The Texas A&M University System, operated by the Texas A&M System B/P/P Operations Center. A UIN is sufficient to uniquely identify a single person within Texas A&M University's range of foreseeable potential Subjects.

Verifier: The system component that validates the correctness of offered authentication material. Texas A&M uses CAS.

NetID Credential Lifecycle

The NetID Credential lifecycle consists of an initialization phase, an operational phase, and a termination phase. The following review of identity management practices addresses Credential lifecycle events associated with each phase.

Graphical representation of 
NetID lifecycle described in following sections

Initialization Phase

The initialization phase results in the successful enrollment of the Subject in the Texas A&M NetID Identity Management System (IdMS) and the establishment of the NetID Credential.

Enrollment

Creation of a record for the Subject in the Texas A&M NetID IdMS

In order for a Subject to claim a NetID account, the following identity data is required by the Texas A&M NetID IdMS:

Identity data required for the different NetID Credentials
Former Student NetID Guest NetID Standard NetID Bronze Assured NetID Silver Assured NetID
UIN
Full Name
Date of Birth
Full Name
UIN
Full Name
Date of Birth
UIN
Full Name
Date of Birth
UIN
Full Name
Date of Birth
Address of Record

Texas A&M Registration Authorities

Subject identity information is sent to the Texas A&M NetID IdMS by over a dozen Registration Authorities.

Enrollment of a Subject in the Texas A&M NetID IdMS is triggered when a record for the Subject is received by Texas A&M Identity Services via a data feed, web services, or one of the on-line identity support applications. By sending information about a Subject to the Texas A&M NetID IdMS, the Registration Authority asserts that the Subject has a current relationship and is in good standing with the university, that the Subject is entitled to NetID Credentials, and that the Registration Authority is sponsoring the Credentials. Registration Authorities that support multiple campus populations send additional information to the Texas A&M NetID IdMS that define the nature of the Subject's relationship to the university. Table 1 provides a summary of all populations eligible for Texas A&M NetID Credentials and their Registration Authorities.

Various Texas A&M populations and their Registration Authorities
Population Registration Authority
Employees:  
Texas A&M System employees Budget/Payroll/Personnel (B/P/P) System
Texas A&M System retirees Budget/Payroll/Personnel (B/P/P) System
non-System Texas A&M-Qatar employees TAMU-QT Information Technology Services
Texas A&M Mexico City facility employees Provost IT Office
Texas A&M Soltis Center employees Provost IT Office
Faculty:  
Texas A&M System positional faculty Budget/Payroll/Personnel (B/P/P) System
Texas A&M official faculty Dean of Faculties
Texas A&M graduate adjunct faculty Office of Graduate Studies
Texas A&M adjunct faculty none-request via Identity Management Office
Texas A&M clinical faculty TAMHSC Information Services
Students:  
Texas A&M applicants Admissions/TAMU Banner System (EIS)
Texas A&M admitted students Admissions/TAMU Banner System (EIS)
Texas A&M enrolled students Office of the Registrar/TAMU Banner System (EIS)
Texas A&M College of Veterinary Medicine clinical trainees Texas A&M College of Veterinary Medicine
Texas A&M Health Science Center residents Texas A&M Health Science Center
Continuing education/certificate students none-request via Identity Management Office
Affiliates:  
Domestic visiting scholars none-request via Identity Management Office
International visiting scholars none-request via International Faculty & Scholar Services
Texas A&M Foundation employees Texas A&M Foundation
The Association of Former Student employees The Association of Former Students
12th Man Foundation employees 12th Man Foundation
U.S. Dept. of Defense personnel Office of the Commandant
USDA-ARS local facility employees USDA Southern Plains Agricultural Research Center
U.S. Veterans Affairs personnel Texas A&M University - Central Texas
FUJIFILM Diosynth Biotechnologies (formerly Kalon Biotherapeutics, LLC) employees FUJIFILM Diosynth Biotechnologies (formerly Kalon Biotherapeutics, LLC)
Texas A&M Bookstore employees Texas A&M campus Barnes & Noble bookstore
Compass Group, USA employees Compass Group, USA
Astin Limited employees Texas A&M Contracts
Columbia Advisory Group employees Texas A&M System member institution CIOs
Emergency first responders Texas A&M University Police Department
Board of Regents Texas A&M University System Offices
Aerospace Advisory Board Texas A&M Aerospace Department
Institute of Nautical Archaeology Texas A&M Anthropology Department
Texas A&M Medical Library partner institution librarians Texas A&M Medical Library
Texas A&M veteran program participants Mays Business School
Texas A&M former students none-use historical identity data from last enrollment and allow Subject to update name and contact information
Sponsored Affiliates (Guests):  
Parents of Texas A&M enrolled students none-use identity data provided by student
Conference/camp attendees none-use identity data provided by organization sponsoring event

Identity Proofing

Verification of the Subject's identity

Identity proofing is not required for the NetID or Bronze Assured NetID accounts. However, Silver Assured NetID accounts do require basic identity proofing. (See InCommon Bronze and Silver Identity Assurance Profiles, section 4.2.2.4 for an explanation of basic identity proofing procedures.)

Identity proofing requirements for the different NetID Credentials
Former Student NetID Guest NetID Standard NetID Bronze Assured NetID Silver Assured NetID
self-asserted identity information sufficient self-asserted identity information sufficient self-asserted identity information sufficient identity documents reviewed and data verified to match that in IdMS basic identity proofing required

Identity proofing is conducted by the Registration Authority sponsoring the Subject. The Texas A&M NetID IdMS relies on the Subject's existing relationship with the Registration Authority to meet identity proofing requirements.

Basic In-Person Identity Proofing

Subject presents a government ID to the Registration Authority. The ID must be valid, current and contain:

  • a picture of the Subject
  • date of birth
  • either an address or a nationality

The Registration Authority inspects the photo ID and compares the image to the physical Subject, confirming they are the same person.

The Registration Authority records:

  • the document type and issuer
  • the address given on the ID if there is one
  • the date of birth on the ID

Texas A&M System employee identity proofing

Payroll Services, in conjunction with Human Resources, performs identity proofing as part of the new employee orientation process to verify employment eligibility. Information collected during new employee orientation is used to create a record for the employee in the Budget/Payroll/Personnel database.

Texas A&M student identity proofing

Texas A&M student identity proofing does not currently meet Silver identity proofing requirements. Texas A&M students self-assert identity data in their application to the university. Information submitted on the application is used to create a record for the student in the TAMU Banner database operated by Enterprise Information Systems.

Credential Issuance: Establishment

Establishment of Subject's Texas A&M NetID Credentials

Initially, a Subject will establish a NetID Credential that consists of a NetID/password pair. Texas A&M NetID Credential establishment or activation is a self-service on-line process.

Upgrading to Silver Assured

A Silver Assured NetID Credential will consist of a NetID/password/time-based One-Time Password (TOTP) triplet. To incorporate TOTP into a Credential, Texas A&M utilizes Duo Two-Factor Authentication. A Subject enables Duo on his/her NetID account by completing the enrollment process using the self-service NetID Duo Enrollment application.

NetID Credential descriptions
Former Student NetID/Guest NetID/Standard NetID/Bronze Assured NetID Silver Assured NetID
Credential unique identifier: NetID Credential unique identifier: NetID
Authentication Secret: password
The password selected by the Subject must:
  • contain at least one lowercase letter
  • contain at least one uppercase letter
  • contain at least one non-alphabetic symbol
  • contain only the following characters:
    a-z, A-Z, 0-9, `~!@#$%^&*()-_=+[{]}\|:;',<.>?/
  • not contain words found in a dictionary
  • not contain the Subject's NetID
1st Authentication Secret: password
The password selected by the Subject must:
  • contain at least one lowercase letter
  • contain at least one uppercase letter
  • contain at least one non-alphabetic symbol
  • contain only the following characters:
    a-z, A-Z, 0-9, `~!@#$%^&*()-_=+[{]}\|:;',<.>?/
  • not contain words found in a dictionary
  • not contain the Subject's NetID
  2nd Authentication Secret: TOTP
The time-based one-time password is generated by the Subject's device at the time the Subject logs in and must be verified by Duo Security before it expires.

Credential Issuance: Binding

Verify Subject is in control of Subject's NetID Credentials.

Credential binding is not required for the Former Student NetID, Guest NetID, Standard NetID or Bronze Assured NetID. For Silver Assured NetID accounts, the Subject's NetID Credential must be bound to the Subject's identity.

Credential binding for the different NetID Credentials
Former Student NetID Guest NetID Standard NetID Bronze Assured NetID Silver Assured NetID
binding not required binding not required binding not required binding not required binding required

To bind the Subject to his or her NetID Credential, the Subject must visit an Identity Agent and present a government photo ID.

The Identity Agent compares the Subject's government ID photo to the Subject and verifies Subject is the person pictured on the ID. The Identity Agent then verifies the Subject's name and date of birth on the ID match the information provided by the Registration Authority and may also verify the address if present on the ID and provided by the Registration Authority.

If the Identity Agent successfully completes the identity verification steps, the Identity Agent logs the successful verification and gives the Subject a 6-character randomly generated PIN.

Within 8 hours, the Subject must log into the Silver NetID activation application, authenticating with their NetID/password/TOTP Credential and providing the PIN. Upon successfully entering the NetID Credential, UIN and PIN information, binding of the Subject to the NetID Credential is completed.

Operational Phase

During the operational phase, various functions are performed in parallel. The Subject manages his or her Credential and keeps it secure. The Texas A&M NetID IdMS manages the Credential data and status and securely maintains the identity information collected during the initialization phase. The Credential is used repeatedly by the Subject to authenticate to Verifiers.

Subject Use of Credential

When a Subject authenticates to an application, the application sends an authentication request to the Texas A&M Identity Provider.

In addition to passing back the success or failure of the authentication event, the Texas A&M Identity Provider will inform the application whether or not the Subject's Credential meets the requested assurance level if the application has requested that this information be included in the payload.

Monitoring Suspicious Credential Activity

Monitoring of Credential activity is a program operated by Texas A&M NetID IdMS Operations in conjunction with Texas A&M IT Security.

CAS login activity is audited for suspicious Credential activity. Reports are delivered to the Texas A&M NetID IdMS Operations administrators for review and further action if necessary. If a Credential is determined to be compromised, the Credential is revoked and the Subject's NetID account locked.

The Subject's NetID account can be unlocked only by designated IT Security or NetID IdMS Operations staff.

Subject Education

To reduce the risk of a Subject intentionally compromising his or her Credential, Information Technology's Risk Management and Policy group has developed the Information Security Awareness Training course available through the employee training system, TrainTraq. Texas A&M University employees are required to complete Information Security Awareness Training annually.

Termination Phase

In the termination phase, the Credential may be renewed or re-issued; or, the Credential may be revoked and/or destroyed.

Credential Expiration

To come to the end of the Credential's usage or validity period.

Expiration of the NetID Credential is a function of the Subject's role. Subjects who possess only a guest or parent role may use the same NetID Credential for the entire life of their account. These Subjects have the ability to change their password and create a new Credential, but not due to expiration of the Credential. In contrast, all NetID Credentials for Subjects who possess roles other than guest or parent will expire one year after establishment. If the Subject creates a password greater than sixteen characters, the Credential will be valid for four years.

Expiration of the different NetID Credentials
Former Student NetID Guest NetID Standard NetID Bronze Assured NetID Silver Assured NetID
Credential valid for 6 months after establishment Credential valid until account deleted Credential valid for one year or four years after establishment Credential valid for one year or four years after establishment Credential valid for one year or four years after establishment

Three weeks prior to Credential expiration, the Subject is notified via e-mail of the pending expiration. If the Subject does not establish a new Credential, a second notice is sent via e-mail two weeks prior to the expiration date. One week prior to the expiration date, a final notice is sent.

Credential Revocation

To render the Subject's NetID Credentials invalid and unusable.

Former Student NetID Credentials are revoked in two situations:

  • The Credentials expire.
  • The Subject's NetID account was locked due to improper use or compromise.

Guest NetID Credentials are revoked in two situations:

  • The Subject's NetID account was locked due to improper use or compromise.
  • The Subject's relationship with Texas A&M University has ended.

Standard NetID, Bronze Assured NetID and Silver Assured NetID Credentials are revoked in three situations:

  • The Credentials expire with no action on the part of the Subject to establish a new Credential.
  • The Subject's NetID account was locked due to improper use or compromise.
  • The Subject's relationship with Texas A&M University has ended.

When a Silver Assured NetID Credential is revoked, the Subject's account loses the Silver Assured status. In order for the Subject to obtain another Silver Assured Credential, they must repeat the binding process.

Credential Re-issuance/Re-establishment

NetID Credentials can be re-issued/re-established using one of three mechanisms.

Re-issuance/Re-establishment by authenticating with the existing, unexpired Credential

Prior to expiration of the existing Credential, a Subject may use his or her current Credential to obtain a new Credential by using the Password Change application. Establishing the new Credential via this mechanism retains the security status of the previous Credential.

Re-issuance/Re-establishment using alternative authentication

If the Subject has previously set up Self-Service Password Reset, the Subject may use the Self-Service Password Reset application to obtain a new Credential. The Self-Service Password Reset application sends a short-lived single use Secret to the e-mail or phone number on record that the Subject must submit in order to establish a new Credential.

A new Credential established via this mechanism prior to the expiration of the existing Credential retains the security status of the previous Credential.

Re-issuance/Re-establishment with Help Desk assistance

Subjects who have forgotten their Authentication Secret or whose Credential has expired and been revoked and who have not set up Self-Service Password Reset may call into Help Desk Central or go by an Open Access Lab or Help Desk Central to have their account marked for a password reset via the Forgotten Password Reset application.

Establishing the new Credential via this mechanism retains the security status of the previous Former Student NetID, Guest NetID, Standard NetID or Bronze Assured NetID Credential. The security status of a Silver Assured NetID Credential is not retained via this mechanism and a Bronze Assured NetID Credential will be issued rather than a Silver Assured NetID Credential.

NetID Password Management

Management of a NetID password encompasses a number of practices. The table and comments below describe the default password management practices for Texas A&M NetID account holder populations. More stringent password management practices are implemented via the account holder's tamuEduPersonPasswordPolicy settings.

Texas A&M NetID Default Password Management Practices
  Parents/Guests All Other Populations
Minimum length of password 8 8
Maximum length of password 128 128
Password is character checked Yes Yes
Maximum age of password (in days) exempt if password length < 16 characters ⇒ 365
if password length 16 characters or more ⇒ 1461
Days of daily expiration warnings exempt once per week for 3 weeks
Password minimum age for reset (in days) 0 0
Password uniqueness/history 6 6
Failed attempts before lockout (CAS) 7 7
Lockout duration in minutes (CAS) 15 15
Failed attempts before lockout (Duo Two-Factor) 7 7
Lockout duration in minutes (Duo Two-Factor) 15 15
May reset forgotten password via Self-Service Password Reset Yes Yes
May reset forgotten password via HelpDesk Central phone Yes Yes
May reset forgotten password in person Yes Yes
  • Each attempt to change a password is checked to ensure that the new password conforms to the character requirements.
    • A password must contain at least one (1) lowercase letter.
    • A password must contain at least one (1) uppercase letter.
    • A password must contain at least one (1) non-alphabetic symbol.
    • A password must contain only the following characters: a-z, A-Z, 0-9, `~!@#$%^&*()-_=+[{]}\|:;',<.>?/
    • A password may not contain words found in a dictionary.
    • A password may not contain the user's NetID.
  • Passwords expire after a specific number of days as shown in the table.
  • When the current date is close to the date of password expiration, messages will be sent weekly to the user's university business email address indicating that the password is about to expire and giving instructions for resetting the password. One week prior to the expiration date, any attempts to authenticate via CAS will redirect the account holder to the password change application.
  • Password uniqueness/history counts the number of passwords stored by the system to ensure that a password is not reset to one that was previously used.
  • Failed attempts before lockout counts the number of attempts a user may have to enter a correct NetID Credential before the account is frozen and may not be accessed.
  • Once an account is frozen, a specific amount of time must pass before the account is automatically unlocked, the failed attempts count is set to zero and the user may again attempt to enter a correct NetID Credential.
  • Self-Service Password Reset is the ability to change a password to something known, even if the user does not currently know their password.
  • Users may be able to reset their password using an alternative authentication mechanism by calling HelpDesk Central and having them flag the account.
  • Users may be able to reset their password by appearing in person with a photo ID.