http://www.psu.edu
http://www.phys.psu.edu
Home | About Us | Links | Search | Contact Info
Physics Account Verification FAQ

Physics Account Verification FAQ


February 27, 2008

As part of our migration to a newer, more secure network infrastructure, we require active users to validate their account. Accounts which are not validated by April 1, 2008 will be disabled (not deleted). Disabled accounts will be purged at the end of the Spring semester.

Please visit https://root.phys.psu.edu/phys_krb_migration/ to validate your account.

If you have any questions or concerns, you may visit the IT office in 237 Davey, or call us at 865-3024.

FAQ

Q: Do I have a Physics Account??

A: The short answer is, "If you aren't sure, then probably not." We are in the middle of transitioning to the use of PSU Access Accounts for authentication on the majority of Physics computers. There are still a few legacy items which require a local physics account, but even those are shrinking in number. Typically (but not always!), holders of physics accounts receive email at an address ending in "@phys.psu.edu". If you are unsure, you can use the account validation page anyway - it will give an error message if the account ID is not recognized. Alternatively, you are always welcome to email, call or visit the IT office.

Q: Why is this necessary?

A: There are two primary reasons for this request:

  1. Account auditing: We have a large number of accounts which seem to be inactive, and efforts to reach the named individual have failed. By requiring verification we can remove these obsolete accounts, thus increasing the resources and security for all valid users.
  2. Hardware incompatibility: The current account database resides on a very outdated hardware architecture. In order to migrate the authentication service to a more modern server, we need to be able to decrypt the database on a new platform - this requires either a "master password" or a "data token". Unfortunately, the master password was lost many years ago, and the manner in which data is stored on the old vs. the new server (Little Endian vs. Big Endian) makes the existing data token incompatible.

Q: How does it work?

A: Your credentials are entered into a web form which passes them to the existing authentication server. If the authentication succeeds, the provided username and password are used to create an account on the new authentication server. The code which does this processing stores your password only for the time it takes to execute the request (less than one second), and even then only in memory. At no time is your password saved to disk, or transferred in cleartext.

Q: Is this a scam? It sounds like a scam.

A: We agree - it sounds like a scam! Unfortunately, the rampant abuse of email on the Internet has made it difficult to make legitimate requests such as this one. If you have any doubts at all, please call 865-3024 or stop by 237 Davey Lab and we would be happy to validate your account in person.

Q: Will I ever have to go through this again?

A: NO! The new architecture has been built in a manner which will allow seamless upgrades for many years to come.



To report problems or request service, please send email to help@phys.psu.edu or call (814) 865-3024.