Effective July 29, 2017, FINRA implemented changes to strengthen its password requirements for users of systems that participate in FINRA’s Entitlement Program. Note: These new password requirements do not apply to file transfer protocol (FTP) user accounts.
No immediate action is required by users as existing passwords will remain valid; however, any password changed or created on or after July 29 must adhere to the updated password requirements provided on this page.
Your new password must:
- Be 12-32 characters in length
- Include characters from at least three of the following four categories:
- Uppercase alphabet characters (A-Z)
- Lowercase alphabet characters (a-z)
- Numeric characters
- Special characters (all special characters are permitted including a space)
- Not reuse a user’s 10 most recent passwords
- Not include your first, middle or last name
- Not include your user ID
- Not include profanity, words of a vulgar nature, or any commonly used words identified by information security professionals.
Additional updates for passwords created on or after July 29, 2017:
- Passwords will be valid for 180 days (increased from 90 days)
- New Password Auto-Unlock feature:
- Password lockout occurs after five incorrect password attempts within a one-hour period
- Password lockout will auto-unlock after one hour.
- Users may contact an account administrator at any time if they require a manual password reset for any reason including a password lockout.
- The password auto-unlock feature does not apply to the security question lockout. Five incorrect attempts to answer security challenge questions will continue to result in a lockout that can only be reset by an account administrator.
Contact the FINRA Gateway Call Center (301) 590-6500 with any questions or send an email.