Restricted to Gravatar?

Previously on the CogitActive Saga:
The next section – About the user – allows you to enter a short Biographical Info. You can also set a Profile Picture. However, you can only do so using the Gravatar system.

First thing first, what is Gravatar? According to their website, a Gravatar is a Globally Recognized Avatar. Continuing with their definition, an ‘avatar’ is an image that represents you online—a little picture that appears next to your name when you interact with websites. The idea with Gravatar is that you upload [your avatar image] and create your profile just once, and then when you participate in any Gravatar-enabled site, your Gravatar image will automatically follow you there.

Your Gravatar is an image that follows you from site to site appearing beside your name when you do things like comment or post on a blog.Gravatar

“Okay, but what does this have to do with setting my profile picture on my own blog?”

Mystery Man avatar

In fact, WordPress uses the Gravatar platform to handle profile pictures. This means that you can’t change your own profile picture within the WordPress dashboard. Instead, you have to rely on this third-party service. If you don’t have a Gravatar account – i.e. an avatar associated with your e-mail address – then your profile picture will be the so-called “Mystery Man”.

You can change your profile picture on Gravatar.

Even though the Twenty Seventeen theme does not display the Profile picture of the posts’ author(s), I wanted to add one to my newly created user (see Adding a user to my network). On the other hand, after refusing to use two of Automattic’s plugins – Akismet and Jetpackfor the very reason that they require a account, it would not make any sense to create one in order to use Gravatar. Right? So, should I sign up for Gravatar?

Is there any alternative?

Before to look at potential workarounds, let me clarify something. My use case for Gravatar was in regards to the default profile picture for my own user – that is a local use. I was not interested – at first – by its ability to follow me across the online world.

Both way!

Not only is WordPress using Gravatar to handle your own profile picture (locally), but also it integrates Gravatars into every WordPress site1. This means that when people post a comment on your site, their Gravatar will automatically appear next to their name – if they sign up with Gravatar.

What if they didn’t? Well, WordPress allows for you to select what image you would like to display when a commenter does not have a Gravatar account1. While I have set up my blog to Show Avatars (in Settings > Discussion), I opted for the Mystery Person option; meaning that their avatar will default to the Mystery Man if they don’t have a Gravatar account. Instead, I could have chosen one of the “generated” avatars that would have given my users some of the benefits of a Gravatar without requiring them to have a Gravatar account1.

For users without a custom avatar of their own, you can either display a generic logo or a generated one based on their e-mail address.

There are many additional alternatives – in the form of plugins – to this Default Avatar built-in functionality. For instance, some allows the commenters to use their social media profile pictures as their avatar. With others, you can create your own default avatar placeholder (other than the Mystery Man). And so on… I was not interested in any of those.

So, how to add an author’s profile picture without using Gravatar? One of the most popular plugin to do so is WP User Avatar. Once activated, it allows you to use any photo uploaded into your Media Library as an avatar, among many other features. Being compatible with WordPress Multisite, this freemium plugin could have been a good choice indeed. Another great contender was the Avatar Manager plugin that makes it sweet and simple to upload your own avatar (locally). Similarly, the Simple Local Avatars plugin adds an avatar upload field to user profiles. The list goes on and on…

“Using a plugin is also relying on a third-party service. What about coding this yourself?”
“Hold your horses! I’m not a developer.”

Actually, there is a long-running ticket regarding this functionality. That is to be able to upload a custom avatar for a user in the WordPress Dashboard rather than making each user sign up for a Gravatar account and upload the image to that account. The ticket – opened in 2010 – is still receiving many valuable suggestions. In particular, a recurring proposal is to introduce a core option to use profile photo from media library. Sadly, at the time of this writing, such an essential feature is still not available in WordPress core.

At what price?

Admittedly, with Gravatar, you don’t need to maintain an additional Plugin1. However, there are some drawbacks to consider. The first, of course, is that you need to have a account. While the service is used by many (including, Gravatar is – first and foremost – integrated with, the for-profit business owned by Automattic. Should I remind you that the requirement for a account (and the underlying privacy issues) was the one reason why I decided not to use Akismet and Jetpack? Apparently, Gravatar promises not to gather personal information; yet, I was not really thrilled by the idea.

Gravatar is a great idea and a great service. However, having a account should not be a prerequisite to use a core feature, especially something as central and expected as a user profile photo.Morten Rand-Hendriksen

In keeping with privacy issues, a hash of your email address [will appear] in the source code of any website that integrates this service2even if you haven’t signed up . . . at Gravatar.com2. In theory, it is difficult to turn a hash (i.e. the output of a function that converts one value to another; an e-mail into a string in the present context) back into the original value; hence its use in cryptography. However, it is not impossible as explained in the article below:

In short, beyond their concern with the reverse engineering of Gravatar profile pictures into e-mail addresses, they also stress that email hashes may expose your identity across the Web2. As explicated in the article, you can find other websites and services that are used by the individual you are researching.

It’s no secret that the things we do and say online leave behind trails of personal information.American Civil Liberties Union

Fortunately, there are effective options to solve the identity and spam problem that Gravatar presents2. For the identity concern, you should use a unique email address to register on each website you are a member of2 and add it to Gravatar. This is actually relatively easy to implement with aliases3. It is worth mentioning that my – offers an e-mail service (free of charge, when you register your domain name) with unlimited aliases. In regards to the spam issue, you should use a hard-to-reverse-engineer e-mail address (i.e. at least 20 characters long2 with upper and lower-case letters and number2). In keeping with Gandi’s offer, the two mailboxes (included when you register your domain name) come with anti-spam and anti-virus protection, and advanced server-side management rules (sieve filters) among other tools.

If you aren’t particularly technical you may simply trust a website owner who says that your full name and personal information won’t be exposed. With the current way Gravatar works, you run the risk of having that information exposed.Mark Maunder

To finish on a less dramatic note, lack of speed can also be a disadvantage of using Gravatar: for each comment on your page, a call to their servers is made to return the appropriate (i.e. e-mail associated) picture. Accordingly, the more comments you have, the slower the page will load. However, this should not be a huge deal if you have only few comments or if you Break comments into pages (in Settings > Discussion).

The big picture

Unlike standard avatars, Gravatars follow you around the web and automatically appear when you post a comment on a WordPress site.WordPress

While my initial interest was to add a profile picture to my newly created user (see Adding a user to my network), I started – through my readings – to understand the real potential of Gravatar. Using this service can help establish your identity on the web. That is especially true in the increasingly anonymous and crowded digital space. Gravatar gives you instant recognition across the Internet.

By posting quality comments (associated with your image), your online reputation can build in traffic to your site. If you are an active commenter in certain niches, and your comments are helpful, then your site will gain some traction. Add to this a nice online Gravatar profile4 – available through hovercards or on the Gravatar website – and you may start to see how this service can become a not inconsiderable part of your branding strategy.

Admittedly, Gravatar presents some other advantages. As an Administrator, you don’t have to manage user accounts, or their images, for commenters to use Gravatars on your site1. As a user, you don’t need to register for every site you visit just to use a Gravatar1. Of course, it would not be that relevant – Globally Recognized – if not used by many. At the time of this writing, WordPress alone powered 35% of all the websites (with a content management system market share of 61.8%)5; plus there are other services using Gravatar as well.

The best thing about Gravatar is that it gives you a uniform image across all sites or blog where you comment or publish a post; you don’t have to upload your picture to your profile on every blog or forum you are using provided that such site supports Gravatar.Joseph Adediji

From local to global

At that point, I was no more thinking about changing my Profile picture (locally). Again, a pointless task given that my theme would not even display it. Furthermore, I would rather not rely on a third-party service, be it a plugin or Gravatar, for such a non-significant thing. My decision on that matter was to keep the Mystery Man!

CogitActive Logo


However, the use case of Gravatar goes beyond the Profile picture (locally). Its real benefit is revealed when commenting on blogs or participating in forums; in particular, when you seek to establish an online reputation. Gravatar can be a great way to build brand awareness.

What is the price of such a service? Again, data collection and the resulting privacy concern are worth considering. On the other hand, while a bit of paranoia regarding your personal information is healthy, you have to keep in mind that no matter you use Gravatar or not, you will be tracked. In fact, my questioning was an entirely different one (… mind you…): was I ready to accept the cost for this free service, namely a account? After weighting the pros and the cons, I decided to sign up for a Gravatar account.

1 See How to Use Gravatars. ^
2 Mark Maunder (2016) Gravatar Advisory: How to Protect Your Email Address and Identity. Wordfence. ^
3 An e-mail alias is a way to create an additional name for your e-mail account. The alias tells the server to automatically route all e-mail to that address to your usual address. This allows you to create alternative e-mail addresses without having to create another mailbox. In other words, you will receive e-mails for every alias you create, as well as the original e-mail address, in a single mailbox. ^
4 Beware that all Gravatar profiles are made public by default, but you you can easily hide your Gravatar Profile as explained here. ^
5 W3Techs (2019) Usage of content management systems for websites. (last checked: 20/11/19). ^

What do you think?
  • Like 
  • Agree 
  • Disagree 
  • Thank you