diff --git a/config/application.rb b/config/application.rb
index 9749a9806..c23062f67 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -59,6 +59,8 @@ class Application < Rails::Application
     config.user_timeout_warning_minutes = ENV.fetch('TIMEOUT_WARNING_MINUTES', '20').to_i
     config.user_timeout_modal_visible = ENV.fetch('TIMEOUT_MODAL_VISIBLE', '5').to_i
 
+    config.user_password = ENV.fetch('USER_PASSWORD', 'Str0ngPa$$w0rd12')
+
     # Contentful
     config.contentful_space                   = ENV.fetch('CONTENTFUL_SPACE', credentials.dig(:contentful, :space))
     config.contentful_delivery_access_token   = ENV.fetch('CONTENTFUL_DELIVERY_TOKEN', credentials.dig(:contentful, :delivery_access_token))
diff --git a/db/seeds/users.yml b/db/seeds/users.yml
index 7a8caa39e..c4bf2d284 100644
--- a/db/seeds/users.yml
+++ b/db/seeds/users.yml
@@ -1,15 +1,15 @@
 ---
 registered@example.com:
-  password: <%= ENV.fetch('USER_PASSWORD', 'Str0ngPa$$word') %>
+  password: <%= Rails.configuration.user_password %>
   terms_and_conditions_agreed_at: <%= 1.minute.ago %>
 
 confirmed@example.com:
-  password: <%= ENV.fetch('USER_PASSWORD', 'Str0ngPa$$w0rd12') %>
+  password: <%= Rails.configuration.user_password %>
   terms_and_conditions_agreed_at: <%= 1.minute.ago %>
   confirmed_at: <%= 1.minute.ago %>
 
 completed@example.com:
-  password: <%= ENV.fetch('USER_PASSWORD', 'Str0ngPa$$w0rd') %>
+  password: <%= Rails.configuration.user_password %>
   terms_and_conditions_agreed_at: <%= 1.minute.ago %>
   confirmed_at: <%= 1.minute.ago %>
   first_name: Demo
diff --git a/lib/tasks/eyfs.rake b/lib/tasks/eyfs.rake
index 01dbdba68..d03212ddf 100644
--- a/lib/tasks/eyfs.rake
+++ b/lib/tasks/eyfs.rake
@@ -9,7 +9,7 @@ namespace :eyfs do
     unless User.find_by(email: "#{bot_token}@example.com")
       User.create!(
         email: "#{bot_token}@example.com",
-        password: ENV.fetch('USER_PASSWORD', 'Str0ngPa$$w0rd'),
+        password: Rails.configuration.user_password,
         confirmed_at: Time.zone.now,
         terms_and_conditions_agreed_at: Time.zone.now,
         first_name: 'Bot',
diff --git a/spec/config_spec.rb b/spec/config_spec.rb
index d4a6fa254..8c7726803 100644
--- a/spec/config_spec.rb
+++ b/spec/config_spec.rb
@@ -31,10 +31,24 @@
     expect(config.internal_mailbox).to eq 'child-development.training@education.gov.uk'
   end
 
+  it 'sets password for seeds' do
+    expect(config.user_password).to eq 'Str0ngPa$$w0rd12'
+  end
+
   it 'exports dashboard statistics daily at midnight' do
     expect(config.dashboard_update_interval).to eq '0 0 * * *'
   end
 
+  describe 'seeded users' do
+    before do
+      Dibber::Seeder.seed(:user, name_method: :email)
+    end
+
+    specify do
+      expect(User.count).to eq 3
+    end
+  end
+
   describe 'time out' do
     it 'sets interval in minutes' do
       expect(config.user_timeout_minutes).to eq 25
diff --git a/spec/controllers/user_controller_spec.rb b/spec/controllers/user_controller_spec.rb
index 358ddfc94..e5e08691a 100644
--- a/spec/controllers/user_controller_spec.rb
+++ b/spec/controllers/user_controller_spec.rb
@@ -54,7 +54,7 @@
         {
           password: 'NewPassword12!@',
           confirm_password: 'NewPassword12!@',
-          current_password: 'Str0ngPa$$w0rd',
+          current_password: 'Str0ngPa$$w0rd12',
         }
       end
 
@@ -90,7 +90,7 @@
         {
           password: '',
           confirm_password: '',
-          current_password: 'Str0ngPa$$w0rd',
+          current_password: 'Str0ngPa$$w0rd12',
         }
       end
 
diff --git a/spec/factories/users.rb b/spec/factories/users.rb
index 2b339dee9..e4a323106 100644
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@@ -1,7 +1,7 @@
 FactoryBot.define do
   factory :user do
     email { Faker::Internet.email }
-    password { 'Str0ngPa$$w0rd' }
+    password { Rails.configuration.user_password }
     terms_and_conditions_agreed_at { Date.new(2000, 0o1, 0o1) }
 
     trait :confirmed do
diff --git a/spec/system/registered_user/changing_password_spec.rb b/spec/system/registered_user/changing_password_spec.rb
index 47679ba47..8870164c0 100644
--- a/spec/system/registered_user/changing_password_spec.rb
+++ b/spec/system/registered_user/changing_password_spec.rb
@@ -3,13 +3,13 @@
 RSpec.describe 'Registered user changing password', type: :system do
   subject(:user) { create :user, :registered, created_at: 1.month.ago }
 
-  let(:password) { 'Str0ngPa$$w0rd' }
+  let(:password) { 'Str0ngPa$$w0rd13' }
 
   include_context 'with user'
 
   before do
     visit '/my-account/edit-password'
-    fill_in 'Enter your current password', with: 'Str0ngPa$$w0rd'
+    fill_in 'Enter your current password', with: 'Str0ngPa$$w0rd12'
     fill_in 'Create a new password', with: password
     fill_in 'Confirm password', with: password
   end
diff --git a/spec/system/sign_in_spec.rb b/spec/system/sign_in_spec.rb
index a55ae8c2c..2a235da7c 100644
--- a/spec/system/sign_in_spec.rb
+++ b/spec/system/sign_in_spec.rb
@@ -2,7 +2,7 @@
 
 RSpec.describe 'Sign in' do
   let(:email_address) { user.email }
-  let(:password) { 'Str0ngPa$$w0rd' }
+  let(:password) { Rails.configuration.user_password }
 
   before do
     visit '/users/sign-in'
diff --git a/ui/pages/sign_in.rb b/ui/pages/sign_in.rb
index 18e141b34..d960d6fcc 100644
--- a/ui/pages/sign_in.rb
+++ b/ui/pages/sign_in.rb
@@ -11,12 +11,12 @@ class SignIn < Base
     # Authenticate using email and password
     #
     # @param email [String] login email address (default: completed@example.com)
-    # @param password [String] login password (default: Str0ngPa$$w0rd)
+    # @param password [String] login password (default: Str0ngPa$$w0rd12)
     def with_email_and_password(email = nil, password = nil)
       wait_until_header_visible
 
       email ||= 'completed@example.com'
-      password ||= ENV.fetch('USER_PASSWORD', 'Str0ngPa$$w0rd')
+      password ||= Rails.configuration.user_password
 
       email_field.set(email)
       password_field.set(password)