On 26/04/11 15:57, Chris Cormack wrote:
* Nicole Engard (nengard@gmail.com) wrote:
In the US, some libraries require that parents give their children permission to access the system this means that if the child doesn't have permission they shouldn't have a log in - so having all patrons require a log in would be an issue in this situation.
I agree, millions of people around the world have no access to the internet. Making librarians have to make them a login is an unnessecary task. Also, although we would all like this to be untrue, but the vast majority of library users never look at, let alone log into the OPAC. I can imagine that making the login field unmandatory would be the first thing a lot of libraries would ask for.
Having a login and password that is never used by the intended user,and probably therefore never changed, means we make an easier attack vector. For example if we know that pattern of the default login, all we have to do is get the password, reducing the complexity of the attack a lot.
I'm new to koha (and to libraries from the point of view of a librarian) and I haven't noticed what was the intended use for that. So far I'm fiddling with koha installations as superlibrarian and I thought everyone would be doing that or at least searching the catalog. Now I understand why was the way it was and all my rambling is disposable. -- Fernando Canizo (a.k.a. conan) - http://conan.muriandre.com/ GCS d? s:+ a C++ P--- L++++ E--- W+++ w--- M-- PE-- !tv b+++ h---- y+++