Contact us
Open Hamburger Menu
Learning Management Platforms
man working on a laptop with a synergy learning brand device behind

2 November 2023

LMS Password Management – best practice and tips for improvement

Kenny McCormack

Kenny McCormack

Senior Solutions Architect

How to make your LMS password management better.

Passwords can be a major headache for any organisation using a learning management system (LMS). For learners, an LMS can provide yet another password to remember. That often results in a lot of frustration and a regular flow of forgotten password requests.

For administrators, there’s often work involved in fielding those forgotten password requests admin associated with the LMS. There’s also a significant security and data protection threat posed if adequate LMS password management hasn’t been put in place.

In this article, we’ll look at the measures you can put in place to tighten up your LMS password management at the same time as making life easier for you and your learners.

What is LMS password management?

Password management is the processes and principles you put in place to secure, store and manage passwords. As you may have guessed, LMS password management is how passwords for your LMS are secured, stored and managed.

LMS password management applies to all LMS users but is managed centrally by administrators. Admins can control password management by:

  • Setting the requirements and parameters for users’ passwords
  • Putting infrastructure in place to make password management easier
  • Sharing password management best practices with users

Although responsibility for overseeing LMS password management, it is an issue for all learners to be aware of. There is value in educating your learners so that they not only follow best practices but also fully understand why those measures are in place and the implications for them and the organisation if they don’t follow LMS management best practices.

Why is LMS password management needed?

Poor password management puts your LMS — and the wider organisation — at risk from a wide variety of threats. These include hacking, phishing and data breaches.

LMS password management best practices

There are several things any LMS admin can do to encourage password management best practice. They include:

  • Insist on strong passwords – When setting the parameters for users’ passwords, you can require that they are strong passwords. This usually means a password that is at least eight characters long and includes a mix of uppercase letters, lowercase letters, numbers and symbols. You could introduce a company policy to ban or educate users against using common words, names, dates, or personal information that is easy to guess or find online 
  • Provide access to a password generator – Share a trusted password generator tool with your learners so that they can easily create strong, unique passwords that are hard to crack.
  • Change passwords regularly – Use your LMS settings to make passwords expire regularly. The recommended best practice is to change passwords at least every 90 days to limit your exposure to hacking and data breaches. You can also limit the reuse of old passwords to make sure your learners are genuinely changing their passwords.
  • Use a password manager – Offer your learners a password manager — a secure platform on which they can store their passwords. Take away the need for passwords jotted on sticky notes or written at the front of notepads. Password managers will autofill a user’s password when they access your LMS. Some password managers also notify users when a password has been leaked or compromised.
  • Introduce multi-factor authenticationMulti-factor authentication (MFA) is when a password alone is not enough to grant access. You need another form of authentication, which is typically a code generated by an app or sent by email. This provides an extra layer of security if a password is compromised. Upcoming versions of Moodle LMS and Totara TXP both contain improved MFA features.
  • Use single sign-on — Single sign-on (SSO) is when your users have a single set of login credentials for multiple systems. For example, when they log in to their company emails they will also be logged in to the LMS. This avoids the need for users to have to remember various usernames and passwords for the different systems they use. Find out more about using SSO with an LMS.

Tighten up your LMS password management

The steps we’ve discussed in this article not only help to keep your LMS secure, they also make it easier for your users to access the platform. Fewer security risks, fewer password reset requests and more time for everyone to focus on learning.

If you’d like to talk about introducing single sign-on, multi-factor authentication or another layer of LMS password management, fill out the form below and we’ll be in touch.

Tags

Learning Management Platforms Tips and Advice

Share

Related Blogs

Request a Callback. It’s easy!

Whether it’s about upgrading your current platform, starting from scratch with an LMS of your choice or you need guidance on where to begin, we’ll be happy to help!

newsletter

Learning tips straight to your inbox

Keep up to date with the latest learning technologies, e-learning insight and advice on getting the best results from your learners and your platforms. Sign up to get regular email updates.