Home » iAS Password Requirements are Changing

iAS Password Requirements are Changing

What

All users of interRAI Assessment Software (iAS) will be required to increase their password length to a minimum of 14 characters. New passwords will be valid for 12 months.

When

The new policy will come into effect on 1 September 2025. However, you will only be prompted to update your password when your current one is due for renewal. 

Why

Advancements in cyber-attacks and insights into user behaviour regarding password management necessitated an evaluation of the existing password policy. Our current requirement (minimum of 8 characters containing upper and lower-case letters and numerals, with a three-month expiration) is no longer considered best practice, according to CERT NZ

The change represents a significant step forward in interRAI Service’s cybersecurity approach. Focusing on stronger, user-friendly passwords and reducing the number of changes will improve both security and usability. 

 

Helpful tips for safer passwords

Use a different password for every online account you have 

Many of us use the same password for all our accounts or stick to two or three different ones that we use repeatedly. This means if a hacker has one of your account passwords, they have access to any other accounts with the same password. Keep your accounts safe and use each password only once. 

Make your password long and strong 

Long passwords are strong passwords. An easy way to create a good password is to make a passphrase made up of four or more random words. Passphrases are easier to remember and are stronger than a password that uses numbers, letters and symbols. You can try making a passphrase that’s a sentence or fun phrase unique to you. 

For example, popcornwithbutterisbest or catseatpotatochips. Or look around you and pick four random items, for example, coffeelemoncupflowers

Always use words that are random to you and don't use family names, birth dates or addresses – this type of information is easy for hackers to find.

Don’t use personal information 

Personal information is easy to find online, especially if you use social media. Details about you, like your date of birth, your address and even your pet’s name, are the first thing attackers check when they’re trying to hack into other people’s accounts. So, if you share pictures of your dog online, make sure you don’t use your dog’s name as your password too. 

Update your security questions

Make sure to check and update your security questions before 1 September, as you’ll need to answer them if you forget your new password and want to rest it yourself. Click here for instructions on how to update your security questions.

 

Thank you for helping us maintain the integrity and security of our systems. 

Nga mihi,

interRAI Software Services Team