Consent to allow emergency access to a Computing Service account

What is on offer

The Computing Service will collect permission from senior members of staff to allow another member of staff access to their account in their absence, in the case of a forgotten password to a Computing Service account or a forced password change following a security incident.

An existing password cannot be revealed to a recipient, it can only be changed and the new password handed to the recipient.

Terminology

  • the applicant - a senior member of staff of the University or a College fellow who is wishes to give permission for another member of staff to be able to collect a new password or passwords for an account on a Computing Service system in an emergency or if the applicant is away from Cambridge.
  • the recipient - the person who is authorised to collect the password(s). This may be a named individual or whoever is currently undertaking a well defined role.
  • the token - a password issued by the Computing Service which will be used to identify the recipient.

Implementation

An application form is available from the Computing Service. This should be completed by the applicant and returned to the Computing Service. If a specific person is named as recipient, that person should also sign the form.

The Computing Service will process the form and return a letter containing the token to the applicant.

A password will be released to a person who is named on the original application or who fits the description (role) supplied by the applicant and who can quote the token.

Applicants may request a change in token from the Computing Service at any time.

Conditions and limitations

  • only senior University staff and College fellows are eligible for this scheme
  • the recipient may be specified as an individual or a well defined role (e.g. secretary, computer officer)
  • the recipient must already be a user of Computing Service facilities
  • the applicant is responsible for keeping the token secret and for requesting that the token is changed when staff leave
  • anyone collecting a password will be required to identify themselves, e.g. with a University card
  • passwords will only be given to a third party if Computing Service staff are satisfied that this is in accordance with the intentions of the person requesting the facility
  • only passwords to the systems specified by the applicant will be released
  • the Computing Service takes no responsibliity for disclosing a password to the wrong person if they fit the description provided and can quote the token

Collecting a password

The applicant may ask the Computing Service to change a password on any system at any time. If the recipient needs to request a password change on behalf of the applicant, then the recipient should, if possible, go to Computing Service reception during normal opening hours bringing proof of identity and the token when the password will normally be provided on the spot.

If this is not possible, the recipient may phone Computing Service user administration to request a change in password, but should be aware that subsequent checks may take some little time.