Password Security

A strong password is the first step towards keeping your account secure. CareApp follows the best practices for password security recommended by the National Institute of Standards and Technology (NIST)

• Your password should be at least 8 characters long
• Your password should not be too similar to the email address or name you use to sign up to CareApp
• Unsafe passwords, such as simple words, and passwords that have previously been exposed online in data breaches can not be used.

Tips for choosing a strong password

• Don't reuse the same password for different websites and services. If a data breach occurs and your account is compromised on one service, you are at higher risk on the other websites where you use the same password
• Consider using a password manager. CareApp works with managers such as 1Password and LastPass, as well as the password managers built into your phone or web browser. Password managers help you choose strong, random passwords, that you do not need to try and remember
• Try picking 3 random words for your password that are easy to remember, rather than a combination of letters and numbers

CareApp says the password I entered has been found in a data breach, what does this mean?

You may see this error message when signing up or changing your password:

Your security is our top priority. We have identified that this password may have been previously compromised and ask that you choose a different password for your CareApp account.

CareApp checks new passwords to see if they have previously been included in data breaches from other online services. Passwords that have previously been leaked online are unsafe, and should no longer be used. If we detect the password you entered has been leaked, then you will need to choose a different password.

Multifactor Authentication

You can enable multifactor authentication on your CareApp account for an additional layer of security. Read more in our 2-Factor Authentication Guide.