Strong passwords restrict access to a system, application or service to those who have memorised or stored them and/or are authorised to use them. They are also called access codes, PINs or secret codes.
Strong passwords:
- Protect you from financial fraud and identity theft
- Reduce the likelihood of hackers breaking into your computer(s) by guessing weak passwords (very common)
- Reduce the likelihood of intruders easily gaining access and control of your device(s)
How to maintain a strong password?
- Don’t reuse a password
- Don’t share your password
- Don’t save your password in a browser
- Use a passphrase instead of a password
- Reset your password periodically
- Change your password every 6-8 weeks
In line with Section 4.7.1 (Protecting passwords) of the PEXA Subscriber Security Policy, passwords used to access the PEXA System must be at least eight characters long and must contain a combination of all 4 of the following categories: upper case letters [A-Z], lower case letters [a-z], numbers [0-9] and special characters [e.g. @#$%]. Additionally, usernames or personal details must not be used in passwords.
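The composition rule above, written as a check that could run at password-change time. This is an added example, not part of the PEXA policy or any PEXA code. It assumes that any ASCII punctuation counts as a special character and that username and personal details are matched case-insensitively as fragments of three or more characters; the function and parameter names are hypothetical.

```python
import re
import string

MIN_LENGTH = 8   # "at least eight characters long"
MIN_TOKEN = 3    # assumed threshold: shorter fragments are ignored as noise

# The four required categories. Treating all ASCII punctuation as "special"
# is an assumption; the rule only lists "@#$%" as examples.
CATEGORIES = {
    "upper case letter": set(string.ascii_uppercase),
    "lower case letter": set(string.ascii_lowercase),
    "number": set(string.digits),
    "special character": set(string.punctuation),
}

def _tokens(value):
    """Split 'jane.citizen' or '1985-03-14' into comparable lower-case fragments."""
    parts = re.split(r"[^a-z0-9]+", value.lower())
    parts.append("".join(parts))  # also the whole value with separators removed
    return {p for p in parts if len(p) >= MIN_TOKEN}

def check_password(password, username, personal_details=()):
    """Return the list of rule violations; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    for name, chars in CATEGORIES.items():
        if not any(ch in chars for ch in password):
            problems.append(f"missing {name}")
    # Strip separators before matching so "J@ne" style padding does not hide a name.
    squashed = re.sub(r"[^a-z0-9]", "", password.lower())
    sources = {"username": [username], "personal details": list(personal_details)}
    for label, values in sources.items():
        tokens = set().union(*(_tokens(v) for v in values))
        if any(t in squashed for t in tokens):
            problems.append(f"contains {label}")
    return problems

if __name__ == "__main__":
    # Constructed sample inputs, not real credentials.
    details = ["Jane Citizen", "1985-03-14"]
    for candidate in ["Tr1cky#Harbour", "Citizen#1985", "password"]:
        print(candidate, "->", check_password(candidate, "jane.citizen", details) or "OK")
```
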
Subscribers must ensure that passwords, PINs and passphrases used in the PEXA System by Users are:
- not disclosed to anyone, including a colleague, supervisor, family member or friend;
- not disclosed to anyone whilst being entered into electronic equipment or systems;
- immediately changed if the Subscriber or the User becomes aware that a particular password, PIN or passphrase has become known or used by someone else;
- a minimum of 6 digits or characters for Digital Certificates;
- not closely associated with the User’s identity such that they may be easily guessed by others. This means avoiding the use of the User's date of birth, name, phone numbers or similar items as passwords, passphrases or PINs; and
- different from other existing Access Credentials.