New Student Management Feature (and a warning!)
Teachers using Duolingo for Schools are now able to reset their students' passwords for them!
Many of you have asked and had students forget their passwords, causing delays and issues in class. We have listened to your feedback and requests and have now enabled this ability. \o/ We are hoping that this will help you all have an even smoother school year. ;]
Of course, this means that you need to have extreme caution when joining classrooms "for fun" -- which you can of course do if you like, just make sure the "teacher" is someone you trust, as they will have the ability of changing your password, post on your behalf, changing your privacy settings, removing your profile, and make other changes to your account.
Joining a Duolingo classroom is completely optional, and we cannot take responsibility for any account issues caused by this if you choose to join one. However, if you suspect a user is abusing Duolingo for Schools, you can always let us know at firstname.lastname@example.org (make sure you include evidence in form of links and screenshots), and we can take action on their accounts as well.
To see if you are in any classrooms (and to remove yourself from them), you can visit "Progress Sharing" in your Settings page. Here is the link. Your teacher will be notified, so only do this if you are not in an actual classroom!
Happy learning and let's get this semester going!
Given the fact that since this feature was introduced several accounts have been hijacked using classroom links could Duolingo please reconsider this feature.
I appreciate that teachers may have problems if a pupil forgets their password but maybe the solution to that is for the teacher to compile a list of students' passwords to be kept in a secure system for retrieval if needed. The teacher could then simply tell the student what the forgotten password is and everyone else would be protected against misuse.
Surely the security of the hundreds of thousands of non-student accounts is worth consideration also? and it is no good saying that a warning was issued when the feature was introduced, because the majority of users have no reason to read the educators forum at all and therefore, remained and still remain unaware of the change.
There is a world of difference between allowing a trusted friend to see your learning activity, particularly if you have no private information other than a dedicated Duolingo email address on the account and giving anyone, however trusted, control over fundamental changes to your account.
Furthermore, once a trusted friend's account has been compromised, even if you have no problem with giving the friend that power, knowing that they won't use it, you have no reason to realise that it was not the friend but the usurper who had issued the link.
Please Duolingo, for the benefit of the majority of your users, reconsider this insecure and easily misused feature. Thank you.
As far as I'm aware, all that happened was that the mods removed any posts in the General Forum, which asked people to join a classroom. I don't know of any other steps which have been taken to protect ordinary users and this is not much use as it takes seconds (quite literally) to hijack an account but could be hours before a mod sees the post.
Then perhaps you will understand that part of my point was that the general users had no way of knowing it was intended for educators only, particularly as Duo permits anyone who feels like it to start a classroom. This is a massive security flaw which should have been addressed long ago but Duo seem oblivious to the safety of their general users; not a great attitude to take on their part.
DL is catchy and this classroom feature is great. I would have a suggestion related to the classrooms: when the teacher checks the "Leaderboard" it would be nice to have the evidence of only those XPs which are gained in the corresponding language. For example, I have students which use DL to learn on their own a different language from the one which we learn in the class. The displayed XPs for these students are confusing, because the weekly/monthly achievements contains the XPs gained in all the languages, not only in the classroom specific language. So it is hard to follow their evolution. Thank you!
When you are at the schools.duolingo.com website, open the classroom, then click "classroom settings" in the menu on the left side of your screen. There you can set the classroom language. This way you can limit the information you receive from Duolingo to just that language you want to focus on.
That is really great. Additionally, I would really like for the assignment XP to be more flexible, would be nice to have something between 200 and 1000 xp, something like 300, 500 and 700 would be nice for those students that want more practice but not so much that it bogs them down. I know for now this can be achieved with shorter 200 xp assignments or very long 1000 xp ones, although I have noticed that when assignment deadlines are either too soon or too far in the future, pupils tend to give up on them or forget about them. Again what a great feature guys!
Edit: well, as a casual classroom owner I am not sure I want this kind of password responsibility :D
I was thrilled to discover this new feature for teachers! It has been a lifesaver this year and makes getting my younger students on Duolingo much more realistic. I used to spend countless hours outside of work responding to parent and student requests for help regaining access to their accounts. Now instead of multiple emails explaining the password reset process and then having to help kids remember the password to their school email address I can just click reset and fix the problem in moments. This is especially helpful as my students have often mis-typed their school email address when we initially set-up their Duolingo accounts which then makes the traditional email link for reseting a password impossible. Students would be devastated when they realized the problem and had to lose all their progress from the previous year and set up a new account with their email address correctly typed. Thank you Duolingo again and again for this new feature!
I have a different problem. A student created his account using a classmate's name and adding #2; but using his real email. I want to either (a) rename the userid or (2) create a new account; I guess DL won't allow opening a 2nd account with the same email. And it is probably impossible to change a userid. What options do I have? I'm not talking about passwords, just userids.
I have been using the new assignments tool where you can do a start date and end date. For the past 2 weeks, several of my classes are opening on the start date, but several of them are "pending". I was told my someone from Duolingo to not do anything with the "pending" assignments so they can see what is going on, but no one has responded to my messages from last week. How do I get you the information so you can see what is happening? My students are working on the assignments over the weekend, but it is not counting because it is not open. Help would be appreciated.
I have witnessed students taking a hold of their teacher's passwords and getting carried away from there.... like in 6th grade when my friend found out my social studies teacher's database password, empowering him to be able to change grades and stuff, but fortunately he wasn't that crazy
Sadly, not true. If anybody has control over your account in the way this system allows, they can change your password, sign out and you will be unable to sign into it yourself as your original password won't work, you will be locked out of your own (now hijacked) account.
Despite this Duo does nothing to change the current insecure system to a more secure one.
Less than one week after setting up a classroom, one of my students has had a follower with the user name "hot teacher". Might I suggest that if you wish teachers to use this application, then you need to provide a warning to disable the social functions when the classrooms are set up? I am also of the opinion that nobody should be able to have that username on an application aimed at schools. It is a huge safeguarding issue and I have just had to have a very distressing conversation.