Difference between revisions of "Email-based self-registration"

Jump to: navigation, search
(clarifying Email confirmation message */)
(tips thanks to Randy Thornton in https://moodle.org/mod/forum/discuss.php?d=233462)
Line 1: Line 1:
 
{{Authentication}}
 
{{Authentication}}
 
The email-based self-registration authentication method enables users to create their own accounts via the 'Create new account' button on the login page. They then receive an email at the address they specified in their account profile to confirm their account.
 
The email-based self-registration authentication method enables users to create their own accounts via the 'Create new account' button on the login page. They then receive an email at the address they specified in their account profile to confirm their account.
 
[[File:Emailbased.png]]
 
  
 
==Enabling email-based self-registration==
 
==Enabling email-based self-registration==
  
An administrator can enable email-based self-registration in ''Settings > Site administration > Plugins > Authentication > Manage authentication''.
+
An administrator can enable email-based self-registration in ''Administration > Site administration > Plugins > Authentication > Manage authentication''.
  
 
In addition to enabling the plugin, email-based self-registration must be selected from the self registration drop-down menu in the common settings.
 
In addition to enabling the plugin, email-based self-registration must be selected from the self registration drop-down menu in the common settings.
  
Warning: Enabling self registration results in the possibility of spammers creating accounts in order to use forum posts, blog entries etc. for spam. This risk can be minimized by limiting self registration to particular email domains with the allowed email domains setting in ''Settings > Site administration > Plugins> Authentication > Manage authentication''. Alternatively, self registration may be enabled for a short period of time to allow users to create accounts, and then later disabled.
+
Warning: Enabling self registration results in the possibility of spammers creating accounts in order to use forum posts, blog entries etc. for spam. This risk can be minimized by limiting self registration to particular email domains with the allowed email domains setting in ''Administration > Site administration > Plugins> Authentication > Manage authentication''. Alternatively, self registration may be enabled for a short period of time to allow users to create accounts, and then later disabled.
  
 
Note: The Email-based self-registration authentication plugin must be enabled to allow users who previously self-registered to login. Selecting Email-based self-registration as the self registration method allows potential users to self register.
 
Note: The Email-based self-registration authentication plugin must be enabled to allow users who previously self-registered to login. Selecting Email-based self-registration as the self registration method allows potential users to self register.
 +
 +
{|
 +
|[[File:Emailbased.png|thumb|left|Login page with 'Create new account' button]]
 +
|}
  
 
==Enable reCAPTCHA element==
 
==Enable reCAPTCHA element==
Line 22: Line 24:
  
 
In addition to enabling the reCAPTCHA element, email-based self-registration should be set as the self registration authentication plugin and reCAPTCHA keys should be set in the manage authentication common settings.
 
In addition to enabling the reCAPTCHA element, email-based self-registration should be set as the self registration authentication plugin and reCAPTCHA keys should be set in the manage authentication common settings.
 
==Support contact==
 
 
An administrator can specify a support name, email and/or support page in ''Settings > Site administration > Server > Support contact'' for including in the confirmation email.
 
  
 
==Email confirmation message==
 
==Email confirmation message==
Line 33: Line 31:
 
You can change this text in ''Administration > Site administration > Language > Language customization'' by choosing the appropriate language pack. selecting 'moodle.php' from 'core' and searching for the string identifier name 'emailconfirmation' and editing it with a local customization.
 
You can change this text in ''Administration > Site administration > Language > Language customization'' by choosing the appropriate language pack. selecting 'moodle.php' from 'core' and searching for the string identifier name 'emailconfirmation' and editing it with a local customization.
  
[[File:emailconfirmationstring25.png|border]]
+
{|
 +
|[[File:emailconfirmationstring25.png|thumb|Editing the email confirmation message]]
 +
|}
 +
 
 +
==Support contact==
 +
 
 +
An administrator can specify a support name, email and/or support page in ''Administration > Site administration > Server > Support contact'' for including in the confirmation email.
 +
 
 +
==Tips==
 +
 
 +
* Check your user list regularly for spammy/suspect names/emails and/or users in the system but not enrolled in the course
 +
* Disable [[Blogs]] unless actually using them; some spambots know how to post there
 +
* Enable some sort of login failure notification in ''Administration > Site administration > Security > Notifications'' so you can see who is having login issues
 +
* Check ''Administration > Site administration > Reports > Spam cleaner'' from time to time
  
 
==See also==
 
==See also==

Revision as of 10:05, 31 July 2013

The email-based self-registration authentication method enables users to create their own accounts via the 'Create new account' button on the login page. They then receive an email at the address they specified in their account profile to confirm their account.

Enabling email-based self-registration

An administrator can enable email-based self-registration in Administration > Site administration > Plugins > Authentication > Manage authentication.

In addition to enabling the plugin, email-based self-registration must be selected from the self registration drop-down menu in the common settings.

Warning: Enabling self registration results in the possibility of spammers creating accounts in order to use forum posts, blog entries etc. for spam. This risk can be minimized by limiting self registration to particular email domains with the allowed email domains setting in Administration > Site administration > Plugins> Authentication > Manage authentication. Alternatively, self registration may be enabled for a short period of time to allow users to create accounts, and then later disabled.

Note: The Email-based self-registration authentication plugin must be enabled to allow users who previously self-registered to login. Selecting Email-based self-registration as the self registration method allows potential users to self register.

Login page with 'Create new account' button

Enable reCAPTCHA element

New account form with CAPTCHA element

A CAPTCHA is a program that can tell whether its user is a human or a computer. CAPTCHAs are used by many websites to prevent abuse from bots, or automated programs usually written to generate spam. No computer program can read distorted text as well as humans can, so bots cannot navigate sites protected by CAPTCHAs.

Spam protection may be added to the email-based self-registration new account form with a CAPTCHA element - a challenge-response test used to determine whether the user is human.

In addition to enabling the reCAPTCHA element, email-based self-registration should be set as the self registration authentication plugin and reCAPTCHA keys should be set in the manage authentication common settings.

Email confirmation message

An automated email confirmation message is sent to the user using the support contact email address.

You can change this text in Administration > Site administration > Language > Language customization by choosing the appropriate language pack. selecting 'moodle.php' from 'core' and searching for the string identifier name 'emailconfirmation' and editing it with a local customization.

Editing the email confirmation message

Support contact

An administrator can specify a support name, email and/or support page in Administration > Site administration > Server > Support contact for including in the confirmation email.

Tips

  • Check your user list regularly for spammy/suspect names/emails and/or users in the system but not enrolled in the course
  • Disable Blogs unless actually using them; some spambots know how to post there
  • Enable some sort of login failure notification in Administration > Site administration > Security > Notifications so you can see who is having login issues
  • Check Administration > Site administration > Reports > Spam cleaner from time to time

See also

Using Moodle forum discussions: