We have a public facing web site and we have the Active Social Profile View set to Profile Access Option Everyone so users can see one another. We noticed the URL has the user id (i.e. /Profile/asuid/215.aspx). We are concerned that someone could harvest all our user information using the URL. Is there a way to use an encrypted token or some other process to make this more secure or difficult to capture user profiles?

Using Active Social vanity URLs it would only display the vanity name the user selected, instead of their user ID. Example: http://www.activesocial.com/users/ben

However, it really just depends on how you secure your pages. If you have all your permissions set to "everyone" then, yes anyone can just browse the pages and get available information. The profile Info tab is set to friends only by default, and that is the tab with the most personal information.

If you do not truly want Everyone to be able to view the content, you could use the Community or Member roles specified on the Member page of the control panel to secure the content at the page or module level. Or even at the tab level if you are only interested in Profile information.

Ben,
Thanks for your reply. This was very helpful. We are using iFinity Url Master Version 2.5.0 on the site (DNN 5.6.5) do you know of any conflicts using Url Master and Vanity URLs?
Also, I found the Knowledge Base Vanity URL Options: http://www.activemodules.com/active...l-options/
The date was 2009. If there is additional information or more current info can you point me to that?
Thanks again!
Lewis