Password Security

The control panel of your website may grant access to the PatientInbox, a component of Digital Triage, which may encompass a substantial amount of Patient Identifiable Data. The majority of this data is classified under Special Category Data, necessitating heightened security measures.

We have meticulously addressed all technical aspects to ensure the implementation of appropriate encryption and security measures, collaborating closely with NHS Digital to guarantee the safety of the data.

In any data system, authorized users require permission to access the information. While there are tools available to help prevent data loss, the responsibility for securing this access ultimately rests with the users themselves and why the importance of securing their passwords cannot be overstated.

What we have done

• Only the login screen will ask you for your password
• Authentication tokens for password resets
• Notifications of logins
• Notifications of password resets
• Account lock after a number of failed attempts to log in
• Two Factor Authentication (2FA) is available to all users

What users can do

• Don't use browser tools to autofill or save your password
• Use individual user accounts rather then generic user accounts
• Deploy 2FA for their user account
• Create a strong and memorable password

Tips on creating strong and memorable passwords

Create your password using a sentence.

Turns out, our brains are more like karaoke machines—they'd rather hum along to a catchy tune than juggle a jumble of random letters.

• "My favourite colour is blue, I have 3 kids and a dog" becomes: mfcib,Ih3Kaad

Use your Keyboard like a canvas

Instead of playing a game of character hopscotch, visualize the keyboard as your personal Etch A Sketch—let your fingers doodle a memorable pattern as you type. This could represent your initials or the pattern of a logo.