We’ve heard from many of you with questions and feedback about the recent authentication updates across the Campminder ecosystem. Your input helps us improve, and we’re continuing to strengthen the systems that protect your camps.
While there have been very few technical issues, we recognize that some familiar workflows feel different right now.
To make things easier, we’ve put together this FAQ to answer the most common questions and keep you informed as we move forward together.
Why did Campminder make these security changes and updates?
Two important reasons—both focused on keeping your camp community safe and running smoothly:
You asked for stronger protection. Multi-Factor Authentication (MFA) has been one of the most requested security features from our camp partners. It adds an extra layer of defense to keep your data—and your families’ trust—secure.
Campminder was required to adhere to new PCI compliance standards in 2025. These rules require MFA for any organization that processes online payments. For your camp to collect electronic payments safely, both you and Campminder must meet these standards.
Why are these changes happening now?
Campminder completes a required PCI compliance audit every November. To make sure your camp could continue collecting payments in a compliant manner without any risk of disruption, we needed to meet the new standards before that audit.
Why am I getting logged out after only one hour of inactivity? Can I change that setting?
To ensure compliance, we started with a conservative read of the PCI guidelines. We’ve heard feedback about the one hour idle logout and we’ve since verified that the rules provide us more flexibility.
This inactivity auto-logout window has been extended to four hours. We have also added a “remember this device” option that will allow your private device to remain authenticated for up to 30 days without the need to MFA again.
Why can I no longer update caregiver and staff login/emails? Is that functionality coming back?
There are security risks in allowing a new email address to access a pre-existing account. A solution to this problem is already code-complete and in testing, and we expect it to be released by 11/14.
Why do people have to create an account to submit a camper/staff application?
Security: Camps have experienced fraudulent applications in the past, and now users must validate the legitimacy of their email addresses.
Communication: Email address verification ensures that your communications are going to the correct place and that the user did not enter a typo into their email address as part of the application process.
My families are having issues logging in. Is something wrong?
Existing caregivers and staff should be able to continue logging in using their current email and password.
New caregivers or staff applicants can create an account by clicking “Sign Up” before starting an application.
Here are some common situations families are encountering — along with ways to help them get signed in smoothly:
Saved credentials not populating: Some caregivers use browser-saved login info that doesn’t automatically trigger with the new authentication system. If login details don’t autofill or are forgotten, they can click “Forgot Password” to receive an email to reset. After that, their browser can save the updated credentials moving forward. We’re seeing more password resets than usual, but once reset, users can access their accounts without issue.
“Forgot Password” not triggering an email: First, we recommend caregivers double check their spam folders or inbox filters. Additionally, for any caregivers that never set up credentials, even though their email address may have been on a record, they will need to click “Sign Up” to securely link their login to their existing record. If someone tries resetting a password but doesn’t receive a reset email, encourage them to use “Sign Up” instead.
Caregivers with a Campminder login to another camp: If a caregiver or staff already has an account with another Campminder camp, they should log in with their existing credentials (or “Forgot Password”) rather than “Sign Up.” This allows them to use one set of credentials across all their Campminder-connected camps. We’re continuing to improve communication around this unified login experience to make access smoother across CampInTouch and Campanion.
Our vision is for Campminder to be both secure and easy to use, while remaining the most reliable, efficient, and innovative platform in the industry.
We’ll keep learning, iterating, and communicating openly as we proceed.