Forums | Mahara Community
Suggestion: Better way to Protect identity
05 February 2011, 3:55 PM
I am thinking to use Mahara for my high school kids. However I want to protect their privacy. I know that there is a way to show their profile only for logged in users. But I don't think it is not enough.
I feel need of more flexible ways to protect their privacy.
For example a student wants to show their profile to a potential employer. If the student can give a password to the employer and only those who have the password, they can see the profile.
You may find a better way.
07 February 2011, 12:55 AM
I would not use the profile page to display any portfolio information. The profile is a page that every logged in user can see. It is part of the basic social networking functionality of Mahara: You need the profile page so that logged in users can find you and your portfolio pages.
If you want to share a portfolio with a potential employer (not a Mahara user), have your students create a view in which they put all the stuff they want the employer to see. The students can then generate a secret URL which they can send their employer via email.
Thus, a rule for your students:
- profile page = basic information about yourself, but not a portfolio page
- Anything you want to share with only a select few people (and not the entire Internet or all logged in users) you put into portfolio views where you can control the privacy settings.
07 February 2011, 2:15 AM
Thank you for your reply.
Do a secret URL is searchable? If it is so, Google search will find them and reveal all the information.
07 February 2011, 3:47 AM
No it is not.
You can also protect all your URL from robot search with a "robots.txt" file in the root folder of your web server. See for example http://en.wikipedia.org/wiki/Robots_exclusion_standard for more information.
07 February 2011, 4:01 AM
We've had that discussion some weeks ago. Unfortunately, I can't find it at the moment. If I remember correctly, Don Presant had looked into that issue a fair bit and the important thing there was that a secret URL is not posted on a public web site. If it was only sent via email, Google should not be able to find it. However, as soon as it was linked on a page, Google could find it because then it was not really secret anymore but made available as link openly.
07 February 2011, 10:48 AM
Do you maybe refer to this (http://mahara.org/interaction/forum/topic.php?id=1055) ?
It is true that, unless you give the secret url on a forum or display it publically, there is normally no reason this address to be searched by Google or another search engine. Reading the general conditions for gmail, as for the two others mail providers I personally use, there is no risk that a mail content to being read and indexed.
But, "a secret is something you reveal to only one person at a time", so I would advise Shin to provide access to views, with a secret url, for a limited period of time only; what can be achieved in Mahara in the publishing preferences panel.
07 February 2011, 12:57 PM
Yes! That is the one. Thanks for finding it.
The time restriction on the secret URL is a good point. Just in case you are looking around master.dev and wonder where it went in 1.4: You need to create a secret URL first and then click on the little edit icon. Then you can add a time.