The OpenScience Laboratory The Open University

iSpot Forum

Identity security

Way back in the day when iSpot was being set up an important principle was to make it quite hard to get someones personal contact details out of the system (in part to make it relatively safe for children to use).

In that context I noticed this user (https://www.ispotnature.org/view/user/14028) who provided a helpful ID on one of my identification has a personal email address as a user name. I’m wondering if that is something iSpot should try to prevent if it is still following the philosophy it originally did.

I think it should be discourage, at the least. I’ve commented on the past about people using their email address as a user-name, not always with a positive response.

That’s a very good observation David and we should certainly change the code so that anything that looks like an email address shouldn’t be permitted in publicly-viewable fields.

Over the years quite a number of email addresses as usernames have been changed. In the past year I have done perhaps 3 or 4 (after consulting the people involved). It is usually people not realising how to set things up or realising the problems about using emails on public websites.
However there are a few who do want to keep their emails on show and this person may be one of them to indicate that Natural England are interacting with iSpot on an ongoing basis.

Which I think is fine, I just know that in the past iSpot was really down on this sort of thing but if the policy know allows exceptions that’s all great.

In practice it doesn’t make that much difference, suspect most people could find an email address for me in about 5 minutes just given my name and the details of where my observations are from.