Questions that immediately come to mind:
- “Simply log in with your Facebook account to buy and sell items or services.” How will users deal with the huge problem of scam as anyone with an FB ID can join? For instance, I was almost scammed last summer trying to find a place to stay using a Facebook group called Housing that seemed affiliated with UChicago. Having an FB login (without any other validation that a user belongs to the university or the local community) makes it easier to run such scams.
- What about people (including hundreds if not thousands of international students) who choose not to use Facebook for various reasons?
I do appreciate that a concern previously raised has been taken into account that local community members such as individual landlords can now access this marketplace, but a regular email ID with a securely stored password-based authentication system with manual approval for non-UChicago email IDs would be a better solution.
Previously (November 17, 2015):
For improved security, the re-launched Marketplace no longer requires students to make an account before using it. Now, only a uchicago.edu email is needed to create a listing. Fourth-year Jeremy Archer, Student Government’s Director of Technology, stated that this was because people had been reusing their CNET passwords for the site when creating Marketplace accounts.
How did he know people were reusing their CNET passwords? If the passwords were being stored securely (as any modern web app should do), using the same password as CNetID should not be a security risk.