Managing password security requirements

Have more questions? Submit a request

  This is a recent product change!

The password requirements discussed below have been recently implemented (as of August 2024). You can continue to use your existing Catapult LMS password(s), but if you need to change your password going forward, your new password will need to meet the criteria below.

Password security requirements

Catapult LMS requires that all user passwords meet the criteria below;

  • All passwords must be at least eight (8) characters in length.
  • All passwords must contain at least one uppercase letter.
  • All passwords must contain at least one lowercase letter.
  • All passwords must contain at least one number.
  • All passwords must contain at least one special character (e.g. % # ! ~).

Additionally, Catapult LMS will not allow you to reuse one of the last five passwords you have used.

These requirements have been implemented to improve security and protect users from unlawful access.

Force rotate passwords option

As part of this release, we are also providing an additional security setting, which Admin users can enable for their account if desired.

The "Force rotate passwords" option is an organisation-level setting. If enabled, this setting will require users to change their passwords after a specified number of days. Changed passwords will need to meet the requirements listed above.

To enable this option, click Administration > Organisation settings on the top menu bar...

... followed by the Edit icon to the right of your organisation's name...

... and then Security settings on the side navigation menu;

This page will allow you to configure how often users are forced to change their passwords. Simply tick on the "Force rotate passwords" option and specify how many days users can keep their password before it must be changed.

Frequently asked questions

Can we opt out of the improved password security requirements?

No, all new passwords made going forward must meet these requirements. Existing passwords will not be affected, but if a user is required to reset an existing password (because they've lost it, or "Force rotate passwords" has been enabled) then their new password must meet the new requirements.

Can we apply the "Force rotate passwords" option to only specific users, e.g. students?

No, this is an account-level setting that affects all users in your organisation, there is no capacity to allow exceptions.

Articles in this section

Was this article helpful?
0 out of 0 found this helpful
Share

Comments

0 comments

Please sign in to leave a comment.