Anonymity and Security
This page explains anonymity and security issues for A.A. members.
Anonymity – Required Information
Anonymity is the spiritual foundation of A.A. It means that you, as an individual, have the right to your personal identity. The only information you are required to give that might identify you personally is the email address However, if you are concerned about even this level of exposure, you can set up a ghost email account (See below). Whatever email address you give, that will be the destination of all official contact from the openAAminds to you.
In addition to your email, you will be required to provide a username, your home group, location and the name you are known by in the group (such as Mary M). This allows other Members to identify you as a member but not as a person.
Protecting Your Email Address
The only person who has access to your email address is the Administrator. The ony exception to this is when a technical person requires administrative access to the site.
Setting Up a Ghost Email
This section outlines how to set up a ghost email with an email provider. First, go to go to a web email site like Google, Hotmail, Yahoo, etc., and create an account with an obscure name like mistermystery and use that account for this site. For convenience most providers allow you to have the ghost account forward emails from your ghost email to your regular email account; alternatively, you can save the ghost account just for this site.
Anonymity – Optional Information
Your account profile will allow you to enter information about yourself. You can enter a lot, a little, or nothing at all. You have complete access to Portal content with only the required information noted above.
Access to almost all information is restricted to users with an account. Your postings and comments are not visible to non-members. All members of A.A. who support our concept of inclusive A.A. may open an account.
Everything you enter on the site is visible to Members only.
All reasonable efforts have been made to ensure the security of the site. In addition to requiring user accounts, the site is protected with SSL security which encrypts all transmission back and forth. Even users who log into their accounts on public, insecure networks such as those found in coffee shops and malls will have their sessions fully encrypted and protected.
However, no site on the internet is totally immune to efforts to breach its security. The measures we have taken mean that it would take sophisticated tools and a lot of effort to hack the site. There are two reasons why hackers breach sites: money and challenge. There is little or no financial reward to be achieved by breaching the site and it is hardly the type of breach that a hacker would brag about. The chance that our site would become the target of such an attack are very, very low.
Additional security is provided by the fact that a user can only change his or her password using the email account associated with the account. The permission is sent to that email, so an intruder would be unable to request a password change unless they had also managed to breach the email account associated with your account.
Finally, all sessions will be automatically logged out after a period of inactivity; there is no option for a user to remain logged on indefinitely. Initially, that period is 15 minutes. If any change in the automatic logout period is made, all users will be informed of the change.
Of course, a protocol for backing up the site on a regular basis is in place.
If you are uncomfortable with this level of security, do not create an account until the experience of others gives you the confidence to proceed.