Student-Login Chaos Fueling Software Password Upgrades
In classrooms across the country, teachers hoping to use a dizzying array of educational software programs are hitting a frustratingly mundane speed bump.
"Kids can't remember their usernames and passwords," said Kecia Ray, the executive director of learning technology for the 81,000-student Metro Nashville school system, which has approved more than 500 different software programs for purchase by schools. "As much as you would like to tattoo it on their arm, you can't."
The result, say both educators and ed-tech vendors, is extensive loss of precious instructional time. The rapidly expanding universe of online educational resources, and all the usernames and passwords associated with them, is also creating back-end management headaches for district information-technology officials.
In response, districts such as Nashville are exploring a variety of approaches, including "single sign-on," or SSO, technology that allows both students and teachers to access multiple software programs with just one set of login information. In many instances, such efforts are an extension of existing identity-management strategies, which often include the dozen or so core digital resources used in a district, but rarely encompass the full range of cloud-based classroom tools now being used in many schools.
Some of the most tech-savvy vendors and school officials are also pursuing the creation of "federated identities" for students, in which a single, authoritative digital profile with consistent information about what a child has learned—rather than just login information—follows students from software program to software program.
"It's doable," said John Y. Alawneh, the chief information officer for the 67,300-student Katy Independent School District, outside Houston. "But right now, the majority of districts have identity-management databases in pieces that are very difficult to manage, and when you start adding everything that teachers are actually accessing to the equation, the system basically falls apart."
Saving Instructional Time
Barriers to effective implementation and widespread adoption of such strategies include the rapidly shifting ed-tech landscape and persistent worries about the security and privacy of sensitive student data.
Giving students and educators easy access to the array of educational software programs now used in schools, then managing their digital identities across all those programs, is one of the biggest technology challenges facing school districts.
Districts’ approaches fall into three categories, experts say:
Common usernames and passwords used across multiple software programs
DISADVANTAGE: Leads to simple, easy-to-remember passwords that allow for widespread access to user information and are often written down or otherwise made vulnerable to potential breaches.
Single Sign-On (SSO)
Increasingly popular with schools and districts, allows users to utilize a single set of login information to access an intermediary program that, in turn, manages secure access to a range of other programs.
ADVANTAGE: Such an approach is more secure than common usernames and passwords and can help streamline the user experience. DISADVANTAGE: Creates a “single point of failure” and questions about data privacy emerge when SSO is enabled via integrations with large online service providers, such as Google.
ADVANTAGE: One digital identity for teachers and students that follows them within the district, wherever they go.
DISADVANTAGE: Expanding that approach to include the hundreds of cloud-based instructional tools used by individual students and teachers is a major challenge.
Some fear that centralizing a single set of login information in one service might make it easier for hackers, for example, to target information. The increasingly free flow of other data between software programs has also raised concerns among privacy advocates.
In Nashville, students can now log in to SchoolNet, the district's instructional management system, and from there gain easy access to most of the software programs deployed in their classrooms. Users' identities are authenticated on most software via "active directory," a type of database for registering, authorizing, and authenticating all users on a Microsoft Windows-based network. Students' account information is passed between the learning programs and the student information system via a digital service provided by San Francisco-based startup company Clever.
These days, "if it's any more than one or two clicks and you're in, you're losing instructional time and students' attention," said Ms. Ray.
Many smaller schools and districts, however, cannot afford or effectively manage technologies such as active directory. In part to meet their needs, Clever, already in use in about 20,000 schools in the United States, announced earlier this month that it will offer its own, self-contained single sign-on solution, dubbed "Instant Login."
Now, students and teachers will be able to access the 100 or so software programs that partner with Clever via a single username and password. That could help schools reclaim the valuable minutes currently wasted on logging students in—as much as 25 percent of learning time spent on software, according to a recent teacher survey the company commissioned.
"It's one of those problems that if you're not in the classroom, you might not appreciate what a huge deal it is to teachers," Clever CEO Tyler Bosmeny said in an interview.
In the education sector, a variety of learning management systems and other digital learning platforms now incorporate related SSO functionality. San Carlos, Calif.-based Education Elements was among the first, offering single sign-on to its personalized learning platform beginning in 2010.
The company now provides that service—plus consulting advice on selecting software, organizing classrooms to better incorporate learning technology, and more—to about 25 districts.
"A lot of districts at times get overwhelmed by the amount of contact we get from different [ed-tech] companies," said Cindy Ambrose, the chief academic officer for South Carolina's 40,000-student Horry County school district, which has been using Education Elements for two years to help manage a roster of software programs that runs "several pages long."
In addition to easing the logjam at student login time, Ms. Ambrose said, using Education Elements has helped teachers become more organized and efficient by giving them SSO access to student reports—the result of no longer having to log in to each software program separately, download individual reports, and then merge them manually.
"It's almost like having an air-traffic controller giving your pilots real-time guidance," she said.
D. William Fitzgerald, an educational software developer and advocate of open-source content based in Portland, Ore., said "single sign-on" is often used as a catch-all term to cover multiple approaches to the same problem.
On the low-tech end of the spectrum, for example, schools may sometimes seek to manage multiple logins by having students use the same username and password across multiple software programs. From a password-protection and data-security standpoint, Mr. Fitzgerald said, the technology used by companies like Clever is "definitely a step up."
But as schools and companies pursue increasingly wide-ranging software integration strategies, new privacy concerns are also emerging.
In many cases, students are now able—and encouraged by schools—to sign into educational software using their login information for companies such as Mountain View, Calif.-based online-services provider Google, which has been embroiled in legal controversy over privacy concerns related to its handling of student email messages.
Experts say that connecting to educational software using login information from such companies may allow for the transfer of not just authentication information, but other data as well. Many apps, for example, will automatically request access to users' Google contact lists and account information, Mr. Fitzgerald said, and companies' ubiquitous use of online tracking technologies such as cookies and Web beacons creates "another data stream that goes right back to Google that they can use to cross-reference with any other data they have."
"It makes for a quick and seamless process," he said, "but it also makes it simpler to overlook the privacy policies and terms of services" of the software programs that students are using.
Ultimately, the goal for many in the ed-tech community is to build single digital identities that follow each student everywhere they go, as well as a digital infrastructure that relies on a common set of standards for digital authentication and authorization.
The first big hurdle to that vision, observers believe, will be resolving privacy concerns, likely through a combination of new legislation and policy, better contracting procedures, and the development of new industry standards.
From there, said Mr. Alawneh, the CIO of the Katy school district in Texas, it's a logistical challenge that both vendors and districts will be eager to solve.
"A lot of our teachers are accessing hundreds of external resources, from Google to digital textbooks to resources all over the Web," he said. "They have usernames and passwords for each. It's very challenging, but there's potential for a good solution."
Vol. 33, Issue 33, Pages 1, 16Published in Print: June 4, 2014, as Software Use Fuels Student-Login Chaos