Add section about how to manage passwords #35

Open
jcohenadad opened this issue Dec 3, 2021 · 5 comments · May be fixed by #66

@jcohenadad
Member

The lab has very sensitive data and we don't want lab members to write their password in files that could be found (we recently had an incident where a student pushed a VPN username and password on GitHub).

So: we should have a section on the onboarding that explicitly says to not write username and password in plain text (even in local laptops), and use password manager platforms (e.g. Apple's Keychain, Google password).

@kousu
Member

kousu commented Jun 15, 2022

Some context: Since December, the Admin team has adopted pass, and it's documented for the admin team at pass.md.

But pass is not appropriate for everyone. We're using it because it lets us have Team passwords without paying the 60$/month or whatever LastPass charges for Team accounts, but for students we just want to encourage KeePassXC or Apple Keychain or the free version of LastPass.

@RignonNoel
Contributor

RignonNoel commented Jun 20, 2022

I analyzed the content of the on-boarding section and I feel like this section should be one of the first that a newcomer should read (since ALL his credentials should follow these security rules, even the first he will get from CAS).

Actually the very first page, named Getting started, is really empty:
[Screenshot: Firefox_Screenshot_2022-06-20T23-36-53 947Z]

What about filling this page with some basic information on common topics that EVERYBODY should know when working in the lab:

  • IT Security (like password management, software license violation, ..) - I never had a tip about the fact that Poly has a 0 risk tolerance with stolen software licenses, but most of the newcomers have some on their computers for Windows or Office
  • Code of conduct (usage of French vs English, non genderism, ..) - I sent an email in English to the Poly security access team a week ago and I didn't even know it was in French only with them...

When I on-board in companies or even in non-profits, it's really common to have these kinds of documents before ANYTHING, just to put the basics and be sure that the newcomer understands the context in which they will evolve.

After that it continues with the on-boarding issue and the different technical and theoretical information as we already have.

@kousu @joshuacwnewton would you have some feedback since you worked on the on-boarding and know the lab?

@jcohenadad
Member Author

> Code of conduct (usage of French vs English, non genderism, ..) - I sent an email in English to the Poly security access team a week ago and I didn't even know it was in French only with them...

Related to #23

@kousu
Member

kousu commented Jun 21, 2022

> Code of conduct (usage of French vs English, non genderism, ..) - I sent an email in English to the Poly security access team a week ago and I didn't even know it was in French only with them...

Also related to the language policy too.

@kousu
Member

kousu commented Jun 21, 2022

> I analyzed the content of the on-boarding section and I feel like this section should be one of the first that a newcomer should read (since ALL his credentials should follow these security rules, even the first he will get from CAS).
>
> Actually the very first page, named Getting started, is really empty: [Screenshot: Firefox_Screenshot_2022-06-20T23-36-53 947Z]
>
> What about filling this page with some basic information on common topics that EVERYBODY should know when working in the lab:

I really agree that we should have a good baseline for everyone to start from. Personally, my experience getting onboarded was very chaotic, and I don't think it really finished until a year and a half in, so I constantly felt drowned in systems people expected me to be familiar with but wasn't. I would really like to see that improve so people, especially interns, don't feel so drowned.

We had a discussion on Slack last summer about improving this, about looking at "lab manual"s that other labs have, which I summarized and started tracking in #25 (comment)

I think password management (this issue) is a subset of Lab Manual (that issue). They certainly need to be fit together smoothly. Can we start with a separate password management page? It wouldn't have to be in the onboarding section, but we could link to it from onboarding saying "you must use one of these options".

RignonNoel linked a pull request Jul 20, 2022 that will close this issue