Skip to main content

Password Requirements

The password requirements provided on this page apply to users of systems that participate in FINRA’s Entitlement Program. Note: These password requirements do not apply to file transfer protocol (FTP) user accounts.

Your password must:

  • Be 12-32 characters in length
  • Password should neither start nor end with a space
  • Include characters from at least three of the following four categories:
    • Uppercase alphabet characters (A-Z)
    • Lowercase alphabet characters (a-z)
    • Numeric characters
    • Special characters (All special characters are permitted. Space is allowed but is not considered a special character.)
  • Not reuse a user’s 10 most recent passwords
  • Not include your first, middle or last name
  • Not include your user ID 
  • Not include profanity, words of a vulgar nature, or any commonly used words identified by information security professionals.

Additional password features:

  • If the password length is 12 to 15 characters, it will be valid for 180 days
  • If the password length is 16 to 32 characters, it will be valid for 365 days
  • Password Auto-Unlock feature:
    • Password lockout occurs after five incorrect password attempts within a one-hour period
    • Password lockout will auto-unlock after one hour
    • Users may contact an account administrator at any time if they require a manual password reset for any reason including a password lockout
  • The password auto-unlock feature does not apply to the security question lockout. Five incorrect attempts to answer security challenge questions will continue to result in a lockout that can only be reset by an account administrator.