moderated Re: Moderator privileges


Max H.
 

It's not so much a matter of trust as a matter of security. I mean, if you trust your moderators, why not just give them your Groups.io login? Well, first because sometimes it helps to see who did what, but also that's more of a security risk. There's no reason to give everyone the ability to delete the group, so we don't allow moderators to do that, unless you trust them enough to be co-owners with you. So we already have a tiered system, even though there are only three tiers right now. I say three because you can also block the public from doing some things that members can do. 

It may not be a problem for most groups, but if you have a large enough group of people who have only met via the internet to communicate about a shared interest, it might be wise to only give them access to what they need to do. The more people have access to secure areas that they don't need, the more likely that a compromised account could really compromise your group, too. It's just good security practice.

Do we need this level of granularity? It probably depends on the group, but I'm guessing most don't, and for those that do, they can get by alright 99% of the time without it. That's the way security works, you usually don't need it...until you do. As someone who manages government websites to pay the bills, of course I lean towards granularity -- the owner or owners should be able to assign the access each moderator needs to accomplish their part, no more, no less. (That includes expanded access for "backup" mods who might not normally, say, access the database, but are trained to do so in case the DB mod goes away on vacation.)

Join main@beta.groups.io to automatically receive all group messages.