By Sean Colyer | Head of Product @ MPM
My Plan Manager is leading the way with the latest technology to keep your data safe while also ensuring our Client Portal remains accessible to all people with disability.
If you use the MPM Client Portal, you would have noticed the new passwordless login feature, which will probably be a different to what you’re used to. We’ve been listening to your feedback and questions about the new login system and are making some small changes to make it smoother for you, however we also want to take the time to explain why we have decided to use passwordless login and why we think it’s better for our clients.
Passwords are a big security problem
How many internet sites do you have a login for? Chances are there’s a few: Facebook or other social media accounts, email accounts, bank accounts, online shopping accounts and a range of others.
Surveys estimate that most people have from 92 user accounts, up to 130 accounts. Remembering passwords for that many websites is really hard! Most people simply can’t do it, and even if they could it would take a huge effort.
This creates a big opportunity for hackers: reports estimate that up to 80% of hacking related data breaches are related to weak or compromised passwords.
Why the MPM Client Portal has gone Passwordless
If all of this information about passwords has made you feel a bit anxious – don’t worry. We and many other organisations are on the case. In fact, Microsoft, Apple, Google, Mozilla and many others have been working hard on this problem, and the industry has agreed that passwordless login technologies are the future. In fact, some organisations predict that passwordless will be the most common way to login within the next 8 years.
Our version of passwordless login does the hard work for you using the following steps:
- When you click our magic link, your device (phone, tablet or computer) will generate a unique signature and send it to our system. The next time you visit the Client Portal on that device, we know it’s you!
- You don’t need to log out — the Client Portal will force a logout every 6 weeks and a new unique signature will be generated when you next log in.
We will eventually remove traditional password login from the client portal. We are doing this in stages – the first stage (which we are in now) is to introduce our passwordless login and make sure our clients aren’t having trouble with it. For now, you can still use the old username and password login as a backup.
Some things that are useful to know about passwordless:
- Magic links work only once. But once you have used it, you can return to portal.myplanmanager.com.au any time and bypass the login screen without having to generate a new magic link for 6 weeks.
- You will need a new magic link for each device you want to use with the MPM Client Portal. So, if you sometimes check your budget in the afternoon on Tuesdays on your laptop, and then also want to have a quick peek at the physio on your mobile phone, you will need to log in via magic link on both of those devices.
- You can further protect your email account by setting up Multi Factor Authentication to make it extra secure.