Hi,
Have a paid moodle course - 2.8 and am using wisdmlabs moodle / wordpress integration plugin. A nice plugin but there are no IP restrictions built into the plugin. Thus, someone who pays for the course could very easily share their login credentials with a family member or friend, which would give them the course for free.
Does anyone know a solution to this problem? Thank you! joseph
The only way to prevent someone giving log in credentials for a site to another user would be to implement biometrics such as finger prints, facial recognition or iris scanning!
Anything that just requires typing in can be given to another user - user names, passwords, security keys, even bank style card readers that provide a second key could be shared.
Even if you had IP restrictions, there's nothing to stop a user inviting a friend or family member to sit at their computer and do the same thing - besides, unless you can guarantee that the paid up user always has the same IP address (mine changes from my ISP frequently) then that kind of restriction would have the opposite effect.
The best solution probably comes from the learning design of the course - for example:
Thanks Rich!
It appears this works and can help you.
You can use Unique login plugin which allows only one user session at a time.
The crucial phrase there being 'at a time'
One session per login credential, thus you can have an entire class using the course hence in session, but there is only one session per login credential.
Yes, but my point was that once that user has logged off, someone else can use the same credentials. That creates a new session and allows the second person to use the first user's credentials, just not at the same time.
"The goal of this authentication plug-in is to make sure that each user in Moodle only has one active session simultaneously."
If that's fine and works for you, that's great, but its not what you appeared to ask in your original post. There is still nothing to stop the users sharing their credentials, only to stop using them at the same time. That will work, if its in combination with some of the things I suggested such as synchronous activities such as chats, but won't prevent multple users of the same account accessing resources. Again, not a problem if it works for you, so long a you are aware of that fact.
Right, I agree and understand. I did originally seek the ideal situation where it would be protected whether simultaneous or not. I'm just saying the simultaneous aspect is better than nothing. Thereafter apply some of the principles or tools and you and others suggested. joseph
Hi There,
You can use Unique login plugin which allows only one user session at a time.
https://moodle.org/plugins/view/auth_uniquelogin
Hope it helps!!
Jaswinder Singh
I think the 'one session per user' feature is built in to one of the newer moodles (2.8 or 2.9), as something you can activate.
People sharing usernames/passwords that you don't use as a central signon one, hard to stop - we have staff/students use their network login, and if they share that they are breaking college IT policies which can earn them disciplinary action (so is a pretty good reason for them not to do so!).
Thanks for your insight David. It appears this works as well - You can use Unique login plugin which allows only one user session at a time.
Thank you very much! I did it and it appears to be working. God Bless!