Password Requirements

The password requirements provided on this page apply to users of systems that participate in FINRA’s Entitlement Program. Note: These password requirements do not apply to file transfer protocol (FTP) user accounts.

Your password must:

• Be 12-32 characters in length
• Password should neither start nor end with a space
• Include characters from at least three of the following four categories:
  • Uppercase alphabet characters (A-Z)
  • Lowercase alphabet characters (a-z)
  • Numeric characters
  • Special characters (All special characters are permitted. Space is allowed but is not considered a special character.)
• Not reuse a user’s 10 most recent passwords
• Not include your first, middle or last name
• Not include your user ID 
• Not include profanity, words of a vulgar nature, or any commonly used words identified by information security professionals.

Additional password features:

• If the password length is 12 to 15 characters, it will be valid for 180 days
• If the password length is 16 to 32 characters, it will be valid for 365 days
• Password Auto-Unlock feature:
  • Password lockout occurs after five incorrect password attempts within a one-hour period
  • Password lockout will auto-unlock after one hour
  • Users may contact an account administrator at any time if they require a manual password reset for any reason including a password lockout
• The password auto-unlock feature does not apply to the security question lockout. Five incorrect attempts to answer security challenge questions will continue to result in a lockout that can only be reset by an account administrator.