Security Centre

As part of our January 2017 update we are introducing several account security enhancements designed to help all users, from candidates to administrators, keep their account secure. Administrators already have mandatory two factor authentication for their accounts and we have had optional two factor authentication for candidates for over a year. In this update we have added support for app-based two factor authentication which provides a much more convenient and secure method of two factor authentication.

We have also introduced a new “Security Centre” area where you can customise your personal security settings. This feature will be developed further over the coming weeks. In this update the security centre contains the following features:
  • Password strength information
  • Multi-Factor authentication setup
  • Sign out everywhere
  • Change your password
You can access the Security Centre from the main menu:

Security Centre

When you open your personal security centre these are the features that you currently have available:

Security Centre 2

Two Factor Authentication

Most people only have one layer of security, their password, to protect their account. With two factor authentication if a bad guy hacks through your password layer he'll still need your phone to get into your account. With two factor authentication your account is protected by something you know (your password) and something you have (your phone).

Although tahdah securely encrypts (hashes) all passwords and uses SSL to hide your password as it makes its way to our servers we can't say the same for other websites. If your password is compromised elsewhere a hacker could get access to your tahdah account.

Enabling two factor authentication means that even if someone has your password they won't be able to get into tahdah unless they also have your phone. To enable two factor authentication go to the security center and move the Two Factor Authentication switch to “On”. This will then guide you through the setup process to use the authenticator app.

New Password Rules

As part of the latest update to the tahdah system we are changing the password requirements for your account. We apologise for any inconvenience this may cause but this measure will improve the security of your account. When you login for the first time after the January update if your password doesn’t meet these rules you’ll be asked to create a new password. To ensure the safety of your account we’ll do this by sending you an email with a link that will let you create a new password.

For an explanation of the updated requirements see the image below:

New Password Rules

Signout Everywhere

If you have ever ticked "Remember Me" by accident on a device you can force the system to log you out everywhere including the computer you are currently using. This is especially useful if you have accidentally ticked “Remember Me” on a shared computer, when you leave a job or if you sell an old tablet or laptop. It is also a good idea to use this after enabling two factor authentication, or if you have seen suspicious activity on your account.

Admin staff also have the ability to do this on your behalf, so if you ever have a concern about access to your account you can contact customer support for your awarding body and they will be able to do this for you.