[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: EDUML/XML another idea



> I imagined I would use the /etc/shadow or /etc/passwd of the webserver that
> would server online grades.  However, others may want a tag element
> <password> or attribute of <learner  password="xxxxxx">.  If so, how
> dangerous might that be ... after all if the marks are stored in an XML
> file, they have to be just as secure as the student's password...
> 
> So unless anyone objects, I'll include a password element in EDUML v0.6.

Passwords are a pain to administer.  First question, are you going to store
them encrypted or plaintext?  If you go with the latter, then it's easy
for teachers to tell students what their password is, etc.  But it's only
barely secure - anybody that sees the entire file can act as any student.
But if you store them encrypted only, then you can never tell a student
what his password is, you have to write something that changes it on demand
and then tell him what the changed one is.  Something that a teacher might
end up having to do *alot*.

Duane