Megaport Portal Authentication FAQs

As part of Megaport’s continuous and ongoing effort to ensure our customers’ data privacy and security, we have made improvements in user authentication in the Megaport Portal. One of these improvements is an update to our password policy. From September 15 2022 (AEST), users who do not meet our minimum password complexity rules will be prompted to reset their password on next login.

To update your password, log out of your existing Megaport Portal account and then log back in. At this point, you might be prompted to update your password to comply with our new password policy. After successful login, your primary email address will become the username required to access your Megaport account. The new password policy takes effect from September 15 2022.

Portal users

Why have I been logged out of the Megaport Portal?

Megaport has expired the session token to enable users to be migrated to the new authentication platform. After logging in to the Portal again, your migration will be complete.

When will I be migrated and how will I know if I’ve been migrated?

Megaport will gradually migrate users by rolling out the change to groups of companies over a staggered period. For most users, this will be a seamless transition and you’ll log in to the Portal using your primary email address and password.

What if I enter an incorrect password or token several times?

After entering an incorrect password five times, you will be locked out for one second. For each additional failed attempt, the lockout duration doubles up to a maximum of approximately 15 minutes. To lift the lockout and return to the starting point, you need to either successfully log in after the lockout period ends or wait 15 minutes following a lockout before trying to log in again. If your password is incorrect, reset it at the Megaport Portal login page

After entering an incorrect token five times, your account will be locked. A Company Admin can reactivate a user’s status in the Megaport Portal on the Company > Manage Users page. For more information, see Adding and Modifying Users.

My username has stopped working and I get a ‘Bad session token error’

Login Failed - Bad Session Token

From September 15 2022 (AEST) your username has been changed to the primary email address associated with the Megaport account. Alternatively, your password is incorrect and can be reset at the Megaport Portal login page

What if I don’t know the primary email address associated with my Megaport account?

Megaport cannot provide email addresses over the phone due to privacy policies. We suggest you contact your Megaport Company Admin who can find this information in the Manage Users section of the Portal.

How do I update my username to my primary email address?

Megaport will make this change on your behalf from September 15 2022 (AEST) and you will be notified by email to your primary email address.

Why do I have to reset my password and what are the complexity rules?

Megaport is introducing a new password policy in order to ensure the security of customer data. This password policy includes minimum password complexity rules, and your new password must contain:

    - At least 8 characters  
    - Uppercase characters (A-Z)  
    - Lowercase characters (a-z)  
    - Numbers (0-9)  
    - At least one special character: ^ $ * . [ ] { } ( ) ? " ! @ # % & / \ , > < ' : ; | _ ~ ` = + -

    The password policy uses a password strength estimator to prevent common, easily guessed passwords, such as Passw0rd. If you have met all complexity requirements and your password is still being rejected, the likely cause is that the password is too common or easy to guess.

Megaport’s authentication platform upgrade will enforce and validate the password complexity on login. If your password does not meet these minimum password complexity rules, you will be directed to the Reset Password page, where you can set your new password and log in to the Megaport Portal.

Can Megaport see my password? How do you know if I meet the complexity requirements?

Megaport doesn’t store passwords in clear text and they are hashed. Validation will occur on entering a new password to ensure it meets the complexity rules.

How do I change my password?

If you’re unable to log in, click Forgot Password on the login page to receive an email to update your password. If you have access to the Megaport Portal, you can change your password by choosing User Profile under your username > Change Password. You will be asked to enter your old password, new password, and re-enter the new password.

Who can change email addresses in the Megaport Portal?

Only the user has the ability to change their email address under the username drop-down menu > User Profile > Change Email option. Company Admin users and Megaport cannot change another user’s email address.

API users

I use my username and password to access the Megaport API. How will this change impact me?

At this stage, you can still use your username and password to generate tokens to access Megaport APIs. However, this will be phased out over time. We recommend that you transition credentials away from username and password, to using API keys. For more information, see Creating an API Key.

Can I start using API keys?

Yes, Megaport has implemented the ability to create API keys from the Portal. A Company Admin user can create API Keys with either Company Admin or Read Only permissions.

How do I create API keys?

Information about creating API keys can be found here: Creating an API Key.