How to implement parental oversight for web user accounts?

Question

Say, a mother has an account on an educational web platform. She now wants her 12 year old daughter to also use the platform. But as the daughter is a minor, her mother wants an oversight into the daughter's account to identify bullying, threats and abuse.How would a web authentication and account management system be built for this requirement? What should be taken into consideration when building such a system?One way to achieve this is to let more than one person access the account(in the above example both mother and daughter can access the daughter's account, even simultaneously). But this could give rise to lot of security issues. How does one mitigate that? Or are there better ways to implement parental oversight into web accounts?

detaro · Accepted Answer

A big worry with this kind of thing is how control is established, e.g. to prevent the feature to be used abusively it needs to be obvious to anyone using the "child" account that it is under control.If your structure allows implementing this cleanly, allowing the parent account to gain a (read-only?) login session to the child account could be an option.

high_byte · Answer

sharing the account probably had the least security issues, considering the alternative is probably a proxy data processor & relayer. with respect to security the question is whether this proxy is the mom or some 3rd party provider. but I assume some automation is desired, in which case there are some companies that attempt to create such solutions but I cannot think of recommendations.