[Koha-devel] RFC: Improvements to Koha security and privacy

[Nicolas Morin]

On Wed, Oct 15, 2008 at 8:47 AM, Nicolas Morin
<nicolas.morin at biblibre.com> wrote:
> On Wed, Oct 8, 2008 at 11:49 AM, Krishnan Mani <krishnanm75 at yahoo.com> wrote:
>
>>
>>
>> Improvements
>>
>> To introduce an e-mail workflow requiring patrons to confirm membership.
>
I'm not too sure about that: some might think it places an undue
burden on the patron himself. After all in most cases, the patron will
have come to the library in person and actually given out his email to
the librarian who recorded it in Koha; he might find it a little odd
to have to confirm it.
Besides, you suggest on time passwords to be emailed to the patron and
changed upon first login: will it not act as a confirmation?

I'm all for security improvements. But not at the price of usability
for the user: I think it should be taken care of in the background.

Regards,
Nicolas