Q: How secure is the LDAP authentication process that PowerSchool Learning offers?
A: Here are some important things to know when you setup your domain for LDAP authentication:
- If setup properly, your firewall will only allow access to your LDAP port from our network, so you are not open to third-party attacks on those ports unless someone compromises our servers first.
- When a user authenticates using LDAP, PowerSchool Learning's servers do not store their password. We hold it until your LDAP server responds and then it is discarded. Even should our server be compromised, your password list would not be exposed because it is stored exclusively on your LDAP server.
- Because LDAP communication is not encrypted, packet sniffing between PowerSchool Learning and your server is possible. If you are concerned about this, LDAPS might be a better option. If your server runs LDAPS we can use that secure protocol instead.
Have any additional questions about LDAP and security in PowerSchool Learning? Reach out to your School Advisor for more information!