How to manage temporary user accounts

Sometimes it's useful for departments to have usernames that can be re-used. Find out how to manage this type of account.

If you regularly have short term visitors/guest speakers/temporary staff etc, and it isn't always practical for these individuals to apply for their own personal username you may wish to apply for one or more temporary accounts.

Members of staff can apply for one or more non-personal/project type user accounts. These accounts are the responsibility of the member of staff who applied for them, the account custodian.

Passwords and security

The custodian of each account is responsible for the security of it at all times when they are not in use. When a temporary user is given access to an account, the responsibility is then theirs. For accountability reasons, only one person (the account custodian or the temporary user) should know the password to each account at any one time.

When these accounts are created, the account custodian is given a default password for each one. They must keep this password secure. When they issue the account to a temporary user, they must logon, then tell the temporary user to change the password to something that only the temporary user knows.

When the temporary user no longer needs the account, the account custodian must ask Username Administration to reset the custodian's password.

Managing the accounts

Account custodians must complete an entry in the temporary user account allocation sheet and obtain a 'signature of agreement to comply with University policy when using the account' by each temporary user, each time the account is issued. For audit purposes these records must be kept at least 12 months after the account access by the temporary user has stopped.