Email-based self-registration

From MoodleDocs
(Redirected from auth/email)

The email-based self-registration authentication method enables users to create their own accounts via the 'Create new account' button on the login page. They then receive an email at the address they specified in their account profile to confirm their account.


Overview of the process

Enabling email-based self-registration

  1. Go to Administration > Site administration > Plugins > Authentication > Manage authentication and click the crossed-out-eye icon opposite email-based self-registration
  2. Select email-based self-registration from the self registration drop-down menu in the common settings (further down the same page, underneath the authentication plugins)
  3. Click the 'Save changes' button

Warning: Enabling self registration results in the possibility of spammers creating accounts in order to use forum posts, blog entries etc. for spam. This risk can be minimized by limiting self registration to particular email domains with the allowed email domains setting in Administration > Site administration > Plugins> Authentication > Manage authentication. Alternatively, self registration may be enabled for a short period of time to allow users to create accounts, and then later disabled.

Note: The Email-based self-registration authentication plugin must be enabled to allow users who previously self-registered to login. Selecting Email-based self-registration as the self registration method allows potential users to self register.

You may change the text that appears under "Is this your first time here?" in two ways:

  1. Add text in the Instructions box found in Site administration ... Plugins ... Authentication ... Manage authentication or,
  2. Use the Language Customization tool to edit the language string 'loginsteps' found in moodle.php. Note, this string is different from 'loginstepsnone', which is the string used for No Authentication registration.
Login page with 'Create new account' button

Enable reCAPTCHA element

New account form with CAPTCHA element

A CAPTCHA is a program that can tell whether its user is a human or a computer. CAPTCHAs are used by many websites to prevent abuse from bots, or automated programs usually written to generate spam. No computer program can read distorted text as well as humans can, so bots cannot navigate sites protected by CAPTCHAs.

Spam protection may be added to the email-based self-registration new account form with a CAPTCHA element - a challenge-response test used to determine whether the user is human.

In addition to enabling the reCAPTCHA element, email-based self-registration should be set as the self registration authentication plugin and reCAPTCHA keys should be set in the manage authentication common settings.

Email confirmation message

An automated email confirmation message is sent to the user using the support contact email address.

You can change this text in Administration > Site administration > Language > Language customization by choosing the appropriate language pack. selecting 'moodle.php' from 'core' and searching for the string identifier name 'emailconfirmation' and editing it with a local customization.

Editing the email confirmation message

Resending the confirmation email

A button is available for new users to have their confirmation link resent if they cannot find the email, or if they access it beyond the deadline.

docsresendconfirmationemail.png

Support contact

An administrator can specify a support name, email and/or support page in 'Support contact' in the Site administration for including in the confirmation email. If left blank, the name of the primary administrator is used.

Tips

  • In case you are developing on localhost, of course, you cannot have the confirmation email sent, DO NOT PANIC, Calm down.
    • Signin to your Admin account
    • then go to > Siteadministration >Users >Accounts >Browse List of Users,
    • then you will see a list of users and chose to resend email or confirm user.
  • Check your user list regularly for spammy/suspect names/emails and/or users in the system but not enrolled in the course
  • Disable Blogs unless actually using them; some spambots know how to post there
  • Enable some sort of login failure notification in Administration > Site administration > Security > Notifications so you can see who is having login issues
  • Check Administration > Site administration > Reports > Spam cleaner from time to time
  • Potential users may not receive the account confirmation email due to it ending up in the spam folder, being refused by the remote server, an invalid email address entered etc. Such accounts may be confirmed manually by an admin.

See also

Moodle in English forum discussions: