[Koha-devel] Request for discussion: bugs 3674, 6220, 6224 and 6218
Chris Cormack
chrisc at catalyst.net.nz
Tue Apr 26 20:57:11 CEST 2011
* Nicole Engard (nengard at gmail.com) wrote:
> In the US, some libraries require that parents give their children
> permission to access the system this means that if the child doesn't
> have permission they shouldn't have a log in - so having all patrons
> require a log in would be an issue in this situation.
>
I agree, millions of people around the world have no access to the
internet. Making librarians have to make them a login is an unnessecary
task. Also, although we would all like this to be untrue, but the vast
majority of library users never look at, let alone log into the OPAC.
I can imagine that making the login field unmandatory would be the first
thing a lot of libraries would ask for.
Having a login and password that is never used by the intended user,and
probably therefore never changed, means we make an easier attack vector.
For example if we know that pattern of the default login, all we have to do is
get the password, reducing the complexity of the attack a lot.
Chris
--
Chris Cormack
Catalyst IT Ltd.
+64 4 803 2238
PO Box 11-053, Manners St, Wellington 6142, New Zealand
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: </pipermail/koha-devel/attachments/20110427/f9e1839f/attachment.pgp>
More information about the Koha-devel
mailing list