This is an old revision of the document!
Table of Contents
User Privacy
By default, VuFind collects some user information in order to support user-facing features and to make the user experience more convenient. Configuration options are available to control exactly how much user data is stored.
Privacy Mode
If privacy is your first priority, you can turn on VuFind's privacy mode, controlled by the privacy setting in the [Authentication] section of config.ini. When this setting is turned on, no user data will be stored, but user-oriented features like saved favorite lists and comments cannot be supported. See the comments in the configuration file for more details. This feature was introduced in VuFind 3.0.
Right to Be Forgotten
Even if you do not turn on privacy mode, you can still allow users to remove their own accounts by turning on the account_deletion setting in the [Authentication] section of config.ini. This feature was introduced in VuFind 5.0.
Password Security
VuFind supports the unencrypted storage of user credentials in the database. This is useful for backward compatibility when migrating from VuFind 1.x but its use is STRONGLY discouraged. When you set up VuFind using the web-based installation process, the “security” check will automatically set up password hashing and encryption for you.