Infinite Campus Security Measures

Written by Christopher Lee

Last published at: April 13th, 2023


Infinite Campus (IC) offers several security features to help districts secure data.

Fall '21 implemented login notice (email)

Spring '22 implemented Prohibit Passwords That Have Been Previously Disclosed in a Data Breach


Login notice (email)

Implemented following security measure in fall '21 for Shakopee Schools IC Portal is a login notice (email) when sign in to a new device.


Email on record

Infinite Campus may prompt if you do not have a current verified email on record for security alerts (separate from demographics).  Enter desired email to receive these notifications.

Upon login you will be asked if IC should recognize this device for future.  Only check "Recognize ..." on owned devices (district / personal) and not shared devices (public library / hotel / conference systems / etc).

Once continue an email will be sent to the primary address in your IC account.

If you receive an email and have not recently signed into IC on a new device complete the following:

  1. Change your password: Change your password
  2. Contact Technology department and alert to possible account compromise.

Prohibit Passwords

Implemented following security measure in spring '22 for Shakopee Schools IC Portal is prohibit passwords that have been previously disclosed in a data breach.

Infinite Campus is able to read and utilize a global database used to track passwords and accounts affected by data breaches of non-Infinite Campus systems. When this preference is enabled, if Infinite Campus detects a user's password matches a password found in a publicly known data breach, it will automatically notify the user and recommend they update it. 

This preference is applicable to Campus and LDAP authenticated accounts. 



Notification of a breached password DOES NOT mean your Infinite Campus account has been breached. It means your password matches a password found in a global database of breached passwords from third-party systems who have had a data breach.

Campus DOES NOT send any credentials to a third-party for use of this functionality.

If a user's password is identified as breached, they will receive notification of this issue in the bell Messages area (see image below).