[BNM] Anonymous user identification

[Jay Caines-Gooby]

Small bit of background required:

Teachers (who we store username, password, etc details for) login to
the system and create lessons. They will optionally make these lessons
available to their students. The situation we're trying to avoid is
storing any personal data about these primary-school children.

So far the solution I've come up with is quite straightforward to
implement and works a treat: teachers click a link to publish the
lesson for students, and the system generates a shorturl plus PIN. The
teachers tells the students they want to give access to, the URL and
the PIN. When students visit the URL, they're asked for the PIN and
then allowed access.

What I'd like to do next is implement some personalisation. Obviously
I could just set a cookie, but this isn't ideal, as students often
share a computer, and the cookie would then effectively personalise
things incorrectly when a new student used a previously-cookied
session.

I thought about asking the kids to supply a password that we could
then associate with the PIN, and then you effectively get unique
users, but the flaw here is that if you refuse a password (because its
already been created) then effectively letting them know that they're
guessed someone else's password :P

Any other suggestions? I don't want the teacher to have to create
individual passwords. Do you think I'm just going to have to dump the
idea of personalisation?

-- 
Jay Caines-Gooby
jay at gooby.org
+44 (0)7956 182625
skype: jaygooby
gtalk: jaygooby at gmail.com
AIM: jaygooby