PBS KIDS: Building a login system for kids and teens in Python
- Type:
- Talk
- Audience level:
- Novice
- Category:
- Industry Uses
March 9th 10:50 a.m. – 11:30 a.m.
Description
Our challenge was to create a login system for little people who might barely read, maybe no email, perhaps no home computer. And we had to watch out for privacy laws - especially tough for minors. But these kids want to play games, write stories, and create online avatars to share and compete against their buddies. Listen to how we developed the PBS KIDS login and moderation system in Django.
Abstract
PBS KIDS website overview
- Types of games and activities online
- Stats - 1.5 millions video streams a day
Who comes to PBS KIDS?
- Ages 2-17
- Some don't have a home computer
- Generally divided into two age groups
Why do we need a login system?
- Humans like to see progress
- Competition with friends
- User generated content
Challenges
- Children's Online Privacy Protection (COPPA)
-- Cannot store emails
-- No personally identifing information
- Additional standards we hold ourselves to
-- Foul language
How this is different than other login systems
- No emails
- No password recovery by email
- No complex questions
- No Mother's maiden name or high school mascot questions
Moderation
- Every username and user generated content must be moderated
- Time committment
- Cannot be automated, but automation can help
Our solution - Picking a username
- Namespace collisions
- Alternate suggestions
Passwords
- Research about password length and memory retention
Secret Code
- Using visual representation instead of questions
- Security integrity: size of brute force search space
How to remember
- Cookies are set, but watch out for public computer
- Messaging and instructions
Architecture
- System loads and configuration
- Python/Django custom implementation
- Performance statistics
Moderation
- Django adminstration
- Implications on how to handle un-moderated content
More
- Compatible with PHP, Flash, Ruby
- Cross site login challenges