Table of Contents
At LearnWorlds, we treat security requirements as a priority. We believe that it’s fundamental to offer a platform that provides the highest quality of service while at the same time doesn’t compromise on any aspect of our customers’ –and, by extension, their learners’– security and privacy.
As we continue to work on additional features, we want to ensure that our customers are aware of every new security mechanism they can deploy to protect their online academies. This is why, in addition to our existing security protocols, we’re introducing some new security enhancements that will help you keep your school websites safe and secure.
Table of contents
Use reCAPTCHA to Eliminate Fake User Traffic and Bots
LearnWorlds now integrates with reCAPTCHA v3, a Google service offered as an out-of-the-box solution for an always-on traffic analyzer that detects fake user and bot activity that tries to access your academy’s website.
With reCAPTCHA, you can safeguard your school’s website from illicit activities like fraud and misuse while minimizing disruption to legitimate users. The underlying technology uses an advanced Risk Analysis Engine to identify malicious traffic and adaptive challenges to prevent fraudulent users and software from taking part in hostile activities on your website.
Without creating friction for your learners by forcing them to go through the tedious process of solving word and image puzzles, you can use reCAPTCHA to protect your academy’s website from any unauthorized activity, including content pilfering and scraping, fake user sign-ups, account takeovers, and credential stuffing.
What parts of your school are protected
reCAPTCHA v3 will never interrupt your learners, so you can enable it whenever you like without affecting conversion.
When enabled, reCAPTCHA will be active on:
How to Enable and Configure reCAPTCHA for Your School
To obtain the keys needed for our reCAPTCHA integration, you must visit this link and log in to the reCAPTCHA admin console with your Google account. Then follow the steps in our support article to obtain the keys.
Go back to your LearnWorlds school in Site Builder → reCAPTCHA, copy each of the keys and paste them into the respective field:
How Will Your Learners Know That a Form is Protected?
When a form is visible, the reCAPTCHA icon will appear at the bottom right corner of the screen:
Strengthen Your Learners’ Account Security by Setting Strong Password Requirements
A strong password is the first line of defense against unauthorized access.
Any account with an easy-to-guess password can be hacked in seconds. To avoid account hijacking by a malicious actor who guesses or brute-force attacks one of your learners’ username and password combinations, it is imperative to ensure your learners’ passwords are strong and difficult to guess.
Starting today, we are introducing a streamlined website setting that will allow you to enable and define strong password requirements for your learners. This will ensure that user passwords are incredibly difficult to guess and remain secure.
We encourage all LearnWorlds customers to take advantage of this new setting and ensure all their users’ passwords, especially those with crucial administrative access, are as strong as possible.
How to Configure Password Strength Settings for Your School
If you want to enable strong password requirements for your learners, you have to visit your School’s Admin dashboard and navigate to:
Site Builder → Site Settings → Sign in/up → Password strength
By configuring these rules, you can require your learner’s passwords to consist of either one or all of the options below:
Take Control of your School’s Gatekeeping Process Using Approval for Sign-ups
Suppose you have some specific eligibility criteria for your learners, such as when running an exclusive educational community for experts, or you wish to maintain a waitlist for admissions. You may also want to employ a screening process as an additional security measure before allowing any kind of access to your school.
In these cases, you can establish an additional gatekeeping step by enabling Approval for Sign-ups (coming soon) to provisionally restrict and reduce the risk of unauthorized access. The newly added Approval for Sign-ups setting will appear on the Users dashboard page once it becomes available:
Users → Approval for Sign-ups → Setup
Provisionally Restrict Access to Your School
Using the new Approval for Sign-ups workflow, you will be able to provisionally restrict access and determine whether to accept or reject a learner after they complete their sign-up process.
Additionally, you can use this method to open up your school’s website for Sign-ups before any learning activities or courses are published. Newly registered users will subsequently be able to access your academy only after an admin has accepted their Sign-up request.
How to use the Approval for Sign-ups Workflow in Conjunction With Sign-up and Qualification Forms
To collect the necessary data in order to better inform your access decisions, you can also use the Sign-up and Qualification forms.
By enabling additional Custom Fields on the Sign-up form, you will be able to gather additional information you might need from your learners.
Evangelos is a Product Marketer with experience in SaaS, B2B and B2C companies focusing on Product-Led growth and & CX Marketing. He's a Web 3.0 & Tim Berners-Lee's Semantic Web enthusiast, enjoys producing music "in-the-box" and gaming competitively.