Hi,
How can I be sure students can't share their account access? It is all about commercial subscription-based training. Your response is highly appreciated. Thanks folks.
Ragards,
John
What about preventing multiple log-ins by the same login and password in Moodle?
by John Stremp -
Number of replies: 15
In reply to John Stremp
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by Visvanath Ratnaweera -
How should the Moodle server differentiate whether the real owner enters the username and password or a thief?
In reply to Visvanath Ratnaweera
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by Alek Hartzog -
We are actually implementing this for our business- we are going to require students to log in with facebook connect so they dont share accounts, then have unique access codes for each student for each course.
We are having this plugin built then it will go into the public domain.
As far as we are aware there is not currently a feature that allows this...if anyone finds it we would love to know!
Boom!
In reply to Alek Hartzog
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by Visvanath Ratnaweera -
> we are going to require students to log in with facebook connect so they dont share accounts, then have unique access codes for each student for each course.
If you strip for FB (or any other) it is your affair. But forcing others to do the same is
malicious - as a teacher forcing your students to do that is downright irresponsible!
See "Stallman: Facebook IS Mass Surveillance", https://rt.com/news/richard-stallman-free-software-875/
> Boom!
Wait! I thought, I heard something?
If you strip for FB (or any other) it is your affair. But forcing others to do the same is
malicious - as a teacher forcing your students to do that is downright irresponsible!
See "Stallman: Facebook IS Mass Surveillance", https://rt.com/news/richard-stallman-free-software-875/
> Boom!
Wait! I thought, I heard something?
In reply to Visvanath Ratnaweera
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by Alek Hartzog -
We are a private company and our clientele are college students- they will PREFER using facebook connect exclusively! Means you don't have to enter that annoying login information.
For all that people talk about privacy, if you give 90% of people the option of ease or privacy, guess which one they pick?
In reply to Alek Hartzog
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by Marcus Green -
They prefer ease until a few seconds after their bank account has been fraudulantly emptied and/or their private photos/emails/texts have been exposed. We all have private things. I predict massive facebook related privacy scandals within a few years.
In reply to Marcus Green
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by Visvanath Ratnaweera -
> I predict massive facebook related privacy scandals within a few years.
How about the following for a start?
December 13, 2011
Twenty Something Asks Facebook For His File And Gets It - All 1,200 Pages
-------------------------------------------------------------------------------------------------
http://threatpost.com/en_us/blogs/twenty-something-asks-facebook-his-file-and-gets-it-all-1200-pages-121311
(Found in http://yro.slashdot.org/story/11/12/13/2321224/24-year-old-asks-facebook-for-his-data-gets-1200-pdfs )
How about the following for a start?
December 13, 2011
Twenty Something Asks Facebook For His File And Gets It - All 1,200 Pages
-------------------------------------------------------------------------------------------------
http://threatpost.com/en_us/blogs/twenty-something-asks-facebook-his-file-and-gets-it-all-1200-pages-121311
(Found in http://yro.slashdot.org/story/11/12/13/2321224/24-year-old-asks-facebook-for-his-data-gets-1200-pdfs )
In reply to Visvanath Ratnaweera
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by Matt Bury -
Some interesting debates are emerging on this issue. As far as how corporations are going to monetise the data they collect about us, we're only seeing the begining. The latest one is a couple of banks now require users' Facebook account logins for credit checks.
Wrote an article about the moral a legal issues that we need to address: http://blog.matbury.com/2011/12/11/a-thorny-issue-protecting-teachers-and-learners-right-to-privacy/
In reply to Alek Hartzog
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by Richard Oelmann -
There's a MASSIVE difference between providing a facebook login for the students to use if they prefer it and requiring them to use a system that enforces a privacy policy which is much looser than that which would be expected of anyone providing trainign courses.
What about the situation where one (or more) of your prospective students neither have nor particularly want a facebook account and you are requiring its use to access the course materials? A quick survey of my students (about 60 students across 3 separate classes in 2 year groups) recently showed about 80% do have facebook accounts - but this still leaves 20% unable to access the course provision if I had your facebook requirement to log in. All of those without facebook had (in my opinion) valid reasons for having actively decided not to join facebook, rather than inertia or just not bothering - In these cases I would not be able to justify 'forcing' those students to join a social website which they had actively chosen not to be part of in the past. That said - when it comes to joining an outside website with its own privacy (or not) policy I would say, from my own point of view, that 'I don't want to' is a perfectly valid reason for not having an account!
Hi Alek
> our clientele are college students- they will PREFER using facebook connect exclusively!
I'm not a native speaker, would you pl. explain the use of the word "will" above? I would have thought it stands for the future tense, but there a couple of other possible meanings:
http://en.wiktionary.org/wiki/will#Verb
http://en.wiktionary.org/wiki/will#Verb_2
My obvious question is, if you mean the future, how did you predict it? And how you got the 100% result, the "exclusively" thing I mean?
> if you give 90% of people the option of ease or privacy,
Why do you start with 90%? Which 90% ?
Finally why do you shout (all CAPS), is some thing wrong?
> our clientele are college students- they will PREFER using facebook connect exclusively!
I'm not a native speaker, would you pl. explain the use of the word "will" above? I would have thought it stands for the future tense, but there a couple of other possible meanings:
http://en.wiktionary.org/wiki/will#Verb
http://en.wiktionary.org/wiki/will#Verb_2
My obvious question is, if you mean the future, how did you predict it? And how you got the 100% result, the "exclusively" thing I mean?
> if you give 90% of people the option of ease or privacy,
Why do you start with 90%? Which 90% ?
Finally why do you shout (all CAPS), is some thing wrong?
In reply to John Stremp
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by Adi Tedjasaputra -
I agree that Facebook should be optional, instead of compulsary for being inclusive. Not everyone in the world tattoed their chin with Facebook logo
Open Id may be a better solution than Facebook, but still .. you can't rule out the possibility of students sharing their account access.
Another possible solution is using a digital certificate authentication used for tax return purpose, so someone sharing the access means that they don't mind sharing their tax return information
Mind you John, I think it is more realistic to think that there is a possibility that students will share their account access, unless:
a) you have live sessions requiring each student to present virtually via video conference etc. or
c) you integrate biometrics identification as an additional authentication method to access the account.
With option b), students can still share their accounts by exchanging their eyeballs and/or fingers
In reply to Adi Tedjasaputra
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by John Stremp -
Thank you folks
I will consider to provide a facebook login for the students to use if they prefer. It sounds good. They like to have choice any way.
Meanwhile I found the solution that seems to work good for me - OnlyOnce access-control plugin. It prevents multiple log-ins by the same credentials on Joomla site.
Adi, you shocked me with your idea they can exchange anything you can dream up! It seems they really can...
We have a lot of live sessions and they are safe. So, OnlyOnce helps a lot.
What concerns access to content, surveys and quizes you just can set certain duration time for session to go on after the student logged-out. So, the plugin makes it impossible to use the same credentials with another IP for e.g. 2 hours.
You never can be totally sure. They even can exchange their fingers lol. Any way it is the level of security and peace-of-mind that I need.
In reply to John Stremp
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by John Stremp -
A number of attempts to cheap have been detected and they all failed thanks to OnleOnce. Enjoying to use native solutions for my Joomla-based site now... http://www.joomlalms.com/elearning/january-12-2012-protection-from-cheating-for-joomlalms-based-paid-distance-learning-organization.html
In reply to John Stremp
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by Bob Neuner -
We are also preparing some on-line training that will start out as free (kind of like a "beta" test) but hope to change to a commercial venture at some point. I have considered a number of possible security methods, but none are "fool-proof", and some might just be "down right" offensive to students.
Our solution, is to use the simple security measures already available with Moodle. We'll tolerate a certain level of dishonesty. Our plan is to also monitor usage. If we see a particular account with an unual level of activity, we may limit access. We will also limit the time a course is available. If one student attempts the course, and second person follows them, they may not have time to finish.
Finally, our training course is requirement to work in this particular profession. It requires a certificate. We will be using the certificate plug-in that uses the login name. No login, no certificate, no work.
I watched the "security wars" with Lotus, Excel, Autocad, and dozens of others back in the 80's. They never turned out well. Autocad eventually came to the realization that moderate secure was good enough, and those that hacked the SW eventually became paying customers when they realized the value of the SW and needed the support.
I could be totally wrong, but I don't see the need for putting my students through multiple barriers just to insure nobody cheats.
Besides I hate facebook and think it's evil!
In reply to John Stremp
Re: What about preventing multiple log-ins by the same login and password in Moodle?
by Nadav Kavalerchik -
Checkout old thread : http://moodle.org/mod/forum/discuss.php?d=34457
In reply to John Stremp
Ynt: What about preventing multiple log-ins by the same login and password in Moodle?
by Krizny Kishnek -
The only logical way is to keep track of IP addresses of logged-in users and to compare simultaneous entries.
As far as I know, a Turkish online security company was handing this tool out for free (to encourage security in online trainings.). The link was this.
Sadly I could'nt find the link on the site. But you may try using the "reach us" page.
Regards,
Krishny,