When you give your child their own aitutors.me login, you're not handing over control — you're keeping it. You set the password. You can reset or revoke it in a tap. A signed-in child reaches only their own learner home, never your billing or a sibling's data. And if someone tries to guess the password, the account locks itself. The whole model is built so a child can have their own front door while you hold the keys.
"Their own login" can sound like a loss of oversight — a teenager with a password you don't know, roaming somewhere you can't see. That's not what this is. A child login on aitutors.me is a sub-account: a narrower view of an account that remains entirely yours. This article walks through exactly how that stays safe, because peace of mind should come from understanding, not just from a reassuring word.
You own the login, start to finish
There's no route by which a child sets up an independent account behind your back. You create the login from the Children page of your dashboard, and you set the initial password. When you do, it's marked so your child is prompted to change it to something only they know on first sign-in — a normal, healthy habit — but you can always reset it back if they forget or if you need in.
You are the account holder and the consent-owner throughout. That's not just a nicety; it's how we meet UK data-protection expectations for children, where the parent is the responsible party rather than the child. If you want the legal grounding, UK GDPR and Your Child's AI Tutor covers it, and Is AI Tutoring Safe for Kids? covers the wider safety picture.
If you haven't set a login up yet, Giving Your Child Their Own Safe Login is the step-by-step.
What a signed-in child can — and can't — reach
The strongest safety feature isn't the password at all. It's that a child login opens only the learner home. There is no menu path from a child's session to your billing, your subscription, your data settings, or another child's information — those pages belong to the parent dashboard, and a child session can't render them.
| Your child's login can reach | Your child's login can never reach |
|---|---|
| Their own tutor and sessions | Your billing or subscription |
| Their goals and Heddy points | Your data and privacy settings |
| Their own progress report | A sibling's data or progress |
| The reward Emporium (to request) | The ability to spend points without you |
So even if a password were shared or guessed, the blast radius is one child's learner home — not your card details, not the family's data. That containment is the point of the two-view design.
Lockouts: the guard against guessing
Children share devices, and siblings are curious. So the login has a simple, familiar defence: repeated failed sign-in attempts lock the account. Once locked, no one can sign in — not with more guesses, not by waiting — until you unlock it from your dashboard.
It's the same principle as your phone locking after too many wrong PINs. It quietly stops a younger sibling poking at an older one's login, or anyone trying passwords in turn. If your child genuinely locks themselves out (it happens — a forgotten new password), you simply reset it and they're back in. A lockout is an inconvenience, never a lost account.
Reset and revoke: two buttons that matter
From the Children page you always have two moves:
- Reset password — for the forgotten-password evening, or if you ever suspect a password has been shared too widely. You set a fresh one; the old one stops working.
- Revoke — switches the login off entirely. Revoking immediately signs the child out everywhere and reverts them to using the tutor on your device, as if the login had never existed. It loses nothing: every session, point and report stays safe under your account, because it always lived there.
Revoke is the button that makes the whole thing feel reversible. Giving a child a login is not a one-way door. If it stops suiting your family — too much independence too soon, a device you'd rather they didn't sign into — you undo it in a tap.
A sensible way to set it up
- Choose a password that isn't a sibling's name or a birthday, and let your child personalise it on first sign-in.
- Keep the username simple — a first name and initial is plenty.
- On a shared device, sign your child out when they're done, so the next person meets a sign-in screen, not their open account.
- Revisit it each term. Younger children may not need a login at all yet; older ones grow into one.
FAQ
Who controls my child's password?
You do. You set the initial password from your dashboard, and you can reset or change it whenever you like. Your child's login is a sub-account you own, not an independent account they control on their own.
What happens if someone tries to guess my child's password?
The account locks after repeated failed attempts. A locked account can't be signed into until you unlock it from your dashboard. It's there to stop a shared-device sibling or a curious guesser brute-forcing their way in.
Can I switch off or remove my child's login?
Yes. You can revoke a child's login at any time, which immediately signs them out everywhere and reverts them to using the tutor on your device. Nothing is lost — their progress and points stay under your account.
Related reading
- Giving Your Child Their Own Safe Login
- Is AI Tutoring Safe for Kids?
- UK GDPR and Your Child's AI Tutor
Duke Harewood built aitutors.me for his own KS3-aged daughter. He wanted her to have a space that felt like hers, and wanted to keep the keys — the reset and revoke buttons are there because he'd want them too. Updated 09 July 2026.