Email list hosting service & mailing list manager


Re: Dealing with password authenticated online content Susan Davis 29 May 2007 19:48 UTC

No Susan, you are not dreaming.  I believe this topic came up not all that
long ago and several responses came through with some solutions.

We certainly strive to set up IP based access whenever possible; however,
there are still some products that are password access only.

We have a little script (I'm not the technical person here so I'm just
describing the process in generic terms) that is invoked when a user clicks
on the 856 link which leads to an authentication page.  After the user
inputs the necessary information to verify themselves as a legitimate
university users, they are taken to a webpage that lists the username and
password for the product, as well as the URL to the product itself.

The downside of this process is that many users fail to read the entire
webpage explaining the need to take note of the username and password and
instead try to use their university authentication again to gain access.

With an ever increasing demand for one click access, this is not a
particularly elegant solution.  But it does keep the passwords "safe" in
that not just anybody can readily obtain them, nor does a patron have to
come to a service point to ask for them.

Susan

Susan Davis
Head, Electronic Periodicals Management Department
University at Buffalo (SUNY)
134 Lockwood Library
Buffalo, NY  14260-2210
(716) 645-2784
(716) 645-5955 fax
unlsdb@buffalo.edu

***Please consider the environment before printing this email****

--On Tuesday, May 29, 2007 2:13 PM -0500 Susan Wishnetsky
<pasiphae@NORTHWESTERN.EDU> wrote:

> At 12:23 PM 5/29/2007, Chad Hutchens wrote:
>> We have the same de-facto policy.  If the publisher or provider does not
>> offer IP authentication, we don't activate the title electronically ....
>
> We do the same, but I thought that some libraries had come up with
> a way to automate the entering of passwords.  Once the user clicks
> on a password-only resource, the user (or the location of the user's
> workstation) is authenticated by the library's system, which proceeds
> to activate a kind of macro to enter the password for them, a process
> that is invisible to the user.
>
> There'd probably have to be separate macros, with unique instructions,
> for each password-only product ... but if you really wanted to provide the
> product, it'd be worth it.  Did I dream this?  Is it being done anywhere?
> Can it be done?  SW
>
>
> Susan Wishnetsky
> Electronic Resources Librarian
> Galter Health Sciences Library
> Feinberg School of Medicine, Northwestern University
> 303 East Chicago Avenue
> Chicago, Illinois 60611-3008
>
> (312) 503-9351
> FAX (312) 503-1204
> pasiphae@northwestern.edu
>