Security is an important basis of Clever’s promise to schools, so we strive to provide all the transparency necessary to assure you that the data we steward, and the methods your users use to access their applications, are safe.
For more information on our security considerations around Clever Badges, please see our Engineering Blog on Clever Badges & Our Commitment to Security.
How do Clever Badges impact security in the classroom?
In K-2 classrooms today, passwords are usually printed and distributed to students, perhaps on a student’s folder or on a list on a teacher’s desk. These passwords are often trivially guessable, and in some cases, the passwords are the same for every student.
Anyone who has a printed Clever Badge, or a photo of one, can use it to log in. Thus, Clever Badges have a ‘physical access’ attack surface that is very similar to that of passwords printed and distributed by teachers. However, Clever Badges are significantly more resistant to brute forcing or password guessing than simple passwords.
Badges don’t necessarily help with other security problems, like phishing. Also, there is always a risk in handing out physical credentials, so make sure your teachers read the security tips on our teacher guide.
Our primary goal with Clever Badges is to make it easier for young learners to log in. We believe that Badges make a better security and usability trade-off in K-2 classrooms than existing password systems do today. We know from experience that not all users make the same risk decisions. So while Clever Badges will be a better overall choice at some schools, it may not be right for others.
How can I keep my Badges secure?
Here’s a few tips on how to keep your Badges secure:
- Limit the number of people who have access to the Badges PDF file. Don’t store the file in a location where people who don’t need it can access it, like a district- or school-wide file share.
- Permanently delete the PDF file (e.g. empty the recycle bin) after you have printed it.
- Emails are usually transmitted without encryption. Generally speaking, we encourage you to never email anyone an image of a badge. If you do email Badges PDF files, be aware that they may be viewable. For more information, please see Wikipedia’s article on email privacy.
- Keep Clever Badges in the classroom. To access applications outside of school, students can manually log in at your district’s portal URL
- Invalidate lost Badges as soon as possible to prevent unauthorized logins
- Don’t let students take pictures of their Clever Badge or borrow badges from one another
Can a Badge be forged?
Technically, it is possible, but it would be extremely difficult! Part of the data encoded by each Badge is a 12-byte token, generated using a cryptographically secure random number generation algorithm. 12 bytes of entropy means that, on average, you’ need 2^(12*8)/2 attempts to guess the token - approximately 40 octillion attempts. Even if someone made one million guesses per second, it would take over a quadrillion years to guess.
What happens when a Badge is stolen or lost?
Teachers and administrators can void Badges using the Clever Dashboard. When a Badge is voided, the record is regenerated in the database and the old badge can no longer be used to log in. Clever uses the sequence number in the Badge to track Badges from generation to usage, to help clarify situations where badges have been improperly used.
How secure is Clever?
We’ve built security into our infrastructure at the software and network levels to ensure that student data is secure. Clever performs security audits and code review as part of our development process, and we run a bug bounty program to reward researchers who responsibly disclose vulnerabilities to Clever. For more information on Clever’s security practices, check out our Security Whitepaper.