Our institution is looking into ways to improve security with our user login process. I'm wondering if Canvas has any of the following features.
1. A way to suggest users update their password X months after their last password change.
2. A way to have a one time password on account creation, then force users to update that password. Our SIS creates user accounts and sets a temporary password, but a lot of students just keep the temp password.
3. An API call to check the last time a user updated their password. If this existed, we could build some in house solutions for the above two features.
Hello there, @jhveem ...
Full disclosure...I don't really have any solutions or answers for you, but I was curious about your posting and wanted to ask some clarifying questions. You say that your SIS creates user accounts and temporary passwords. Do you have a single sign-on (SSO) process set up for your students/faculty/staff to log in to Canvas? For example, at our Technical College, we have our own login screen that people use to sign in to Canvas. Our login page does not look like a standard Canvas login page. Our College's IT department controls all the elements related to our logins, and they have rules set up where we have to change our password after "x" number of days. Does your school have anything set up similar to this? If not, it might be worth investigating.
Again, not really sure if any of this will be helpful to you, but I thought I'd share this info...just in case. Thanks!