Innopac Archive Index (by Date)

[ List Archives Home ] [ Thread index for 2008 ] [ Date index for 2008 ] [ Author index for 2008 ]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Date: Fri, 19 Sep 2003 11:43:30 -0400
From: John Dillon <JDillon@xxxxxxxxxx>
Subject: RE: Urggg! A patron review of the III patron authentication screen...

Jon,

1.  From what I've seen, you can have III shut off Name and/or one of the
two numeric prompts for authorization.  But I think having only one prompt
total provides very little security.

2.  He mentions "each inquiry within a session" requires reauthorization.  I
think this makes the most sense for public PC's, so that if patron fails to
close a public browser, the next person can't see their info.  

3.  My understanding was that no_reverify was a fix for entering multiple
requests, a different issue I think.


John D.



-----Original Message-----
From: Jonathan Jiras [mailto:jjjwml@xxxxxxxxxx]
Sent: Friday, September 19, 2003 10:21 AM
To: innopac@xxxxxxxxxx
Subject: Urggg! A patron review of the III patron authentication
screen...


Hello Innopacers:

Here's an email I thought I would share with all of you that we received
from an Information Technology professor informing us that he has placed
our catalog's hold/renew books feature in his "hall of shame".  Some of
what he says here is just misinformed, but what is really annoying about
all this is that it shows that people assume the patron
authentication/request features we designed and programmed and are
things over which we have total control.

It's so frustrating!

Jon Jiras
Library Software Specialist
Wallace Library
Rochester Institute of Technology
Rochester, NY 14623
585-475-7737
jjjwml@xxxxxxxxxx

[snip]
I'm teaching Human Factors this semester in IT, so I'm very attuned to
web design issues right now.  But these would get my attention in any
case.  I hope you find these suggestions helpful.
 
1)  The request/hold system has all the information it needs to email
users when a requested book comes in.  Daily checks are a great job for
a system and a crummy job for a machine.
 
The system requires users to login again (and again) for each inquiry
even within a session.  Furthermore the login is more complicated than
most (name, AND ID, and password) even though little if any extra
security is gained by asking for last name.
 
I actually wrote this up for a classroom "Hall of Shame" entry, so I
share it with you here.
 
Wally is a powerful system and I appreciate it.  These things are hard.
If you'd be interested in having my students perform a general
evaluation and make reccomendations, I'd be happy to discuss this.
 
Best wishes,
[snip] (name withheld)

--
This message was distributed through the Innovative Users Group INNOPAC list
Public replies:  INNOPAC@xxxxxxxxxx
Update your subscription options:
http://innopacusers.org/list/listinfo/innopac

Prev by Date: RE: data loss due to power outages
Next by Date: RE: New Book list in academic environment
Prev by thread: Re: Urggg! A patron review of the III patron authentication screen...
Next by thread: RE: Urggg! A patron review of the III patron authentication screen...
Index(es):
- Date
- Thread

RE: Urggg! A patron review of the III patron authentication screen...