Accelerate course design with 18 proven course templates Join Us Live! Accelerate course design. Accelerate course design with 18 proven course templates. Register now
Product Updates

Security Enhancements: reCAPTCHA, Password Strength and Approval for Sign-ups

5 min

At LearnWorlds, we treat security requirements as a priority. We believe that it’s fundamental to offer a platform that provides the highest quality of service while at the same time doesn’t compromise on any aspect of our customers’ –and, by extension, their learners’– security and privacy.

As we continue to work on additional features, we want to ensure that our customers are aware of every new security mechanism they can deploy to protect their online academies. This is why, in addition to our existing security protocols, we’re introducing some new security enhancements that will help you keep your school websites safe and secure.

Use reCAPTCHA to Eliminate Fake User Traffic and Bots

LearnWorlds now integrates with reCAPTCHA v3, a Google service offered as an out-of-the-box solution for an always-on traffic analyzer that detects fake user and bot activity that tries to access your academy’s website.

With reCAPTCHA, you can safeguard your school’s website from illicit activities like fraud and misuse while minimizing disruption to legitimate users. The underlying technology uses an advanced Risk Analysis Engine to identify malicious traffic and adaptive challenges to prevent fraudulent users and software from taking part in hostile activities on your website.

Without creating friction for your learners by forcing them to go through the tedious process of solving word and image puzzles, you can use reCAPTCHA to protect your academy’s website from any unauthorized activity, including content pilfering and scraping, fake user sign-ups, account takeovers, and credential stuffing.

What parts of your school are protected

reCAPTCHA v3 will never interrupt your learners, so you can enable it whenever you like without affecting conversion.

When enabled, reCAPTCHA will be active on:

How to Enable and Configure reCAPTCHA for Your School

To obtain the keys needed for our reCAPTCHA integration, you must visit this link and log in to the reCAPTCHA admin console with your Google account. Then follow the steps in our support article to obtain the keys.

Go back to your LearnWorlds school in Site Builder → reCAPTCHA, copy each of the keys and paste them into the respective field:

How Will Your Learners Know That a Form is Protected?

When a form is visible, the reCAPTCHA icon will appear at the bottom right corner of the screen:

Strengthen Your Learners’ Account Security by Setting Strong Password Requirements

A strong password is the first line of defense against unauthorized access.

Any account with an easy-to-guess password can be hacked in seconds. To avoid account hijacking by a malicious actor who guesses or brute-force attacks one of your learners’ username and password combinations, it is imperative to ensure your learners’ passwords are strong and difficult to guess.

Starting today, we are introducing a streamlined website setting that will allow you to enable and define strong password requirements for your learners. This will ensure that user passwords are incredibly difficult to guess and remain secure.

We encourage all LearnWorlds customers to take advantage of this new setting and ensure all their users’ passwords, especially those with crucial administrative access, are as strong as possible.

How to Configure Password Strength Settings for Your School

If you want to enable strong password requirements for your learners, you have to visit your School’s Admin dashboard and navigate to:

Site Builder → Site Settings → Sign in/up → Password strength

By configuring these rules, you can require your learner’s passwords to consist of either one or all of the options below:

Take Control of your School’s Gatekeeping Process Using Approval for Sign-ups

Suppose you have some specific eligibility criteria for your learners, such as when running an exclusive educational community for experts, or you wish to maintain a waitlist for admissions. You may also want to employ a screening process as an additional security measure before allowing any kind of access to your school.

In these cases, you can establish an additional gatekeeping step by enabling Approval for Sign-ups (coming soon) to provisionally restrict and reduce the risk of unauthorized access. The newly added Approval for Sign-ups setting will appear on the Users dashboard page once it becomes available:

Users → Approval for Sign-ups → Setup

enable-approval-signups

Provisionally Restrict Access to Your School

Using the new Approval for Sign-ups workflow, you will be able to provisionally restrict access and determine whether to accept or reject a learner after they complete their sign-up process.

Additionally, you can use this method to open up your school’s website for Sign-ups before any learning activities or courses are published. Newly registered users will subsequently be able to access your academy only after an admin has accepted their Sign-up request.

approval-sign-ups

How to use the Approval for Sign-ups Workflow in Conjunction With Sign-up and Qualification Forms

To collect the necessary data in order to better inform your access decisions, you can also use the Sign-up and Qualification forms.

By enabling additional Custom Fields on the Sign-up form, you will be able to gather additional information you might need from your learners.

custom-signup-fields

You also have the option to require completing the Qualification form as a mandatory step before an access request is created, further enriching the amount of information you have on hand with assets like file uploads and short recordings of audio or video before allowing access to your academy.

 

qualification-form

💡 The Approval for Sign-ups security workflow will be available on our platform soon! Stay tuned!

Discover the Benefits of our Latest Security Enhancements

As cybersecurity threats become increasingly sophisticated and complex, these additional enhancements joining the suite of our existing security protocols make LearnWorlds one of the most robust and secure eLearning platforms available.

 

These enhancements will assist in preventing malicious actors from taking part in any hostile activity on your website while, on the other hand, legitimate and authorized users will still be able to create accounts, log in, make purchases or browse your website without any significant user experience friction.

Create a beautiful online school without any technical skills.

Start free trial
(Visited 513 times, 1 visits today)
Evangelos Tsintzas
Product Marketing Manager at LearnWorlds

Evangelos is a Product Marketer with experience in SaaS, B2B and B2C companies focusing on Product-Led growth and & CX Marketing. He's a Web 3.0 & Tim Berners-Lee's Semantic Web enthusiast, enjoys producing music "in-the-box" and gaming competitively.