Password Requirements

Effective July 29, 2017, FINRA implemented changes to strengthen its password requirements for users of systems that participate in FINRA’s Entitlement Program. Note: These new password requirements do not apply to file transfer protocol (FTP) user accounts.

No immediate action is required by users as existing passwords will remain valid; however, any password changed or created on or after July 29 must adhere to the updated password requirements provided on this page.

Your new password must:

  • Be 12-32 characters in length
  • Include characters from at least three of the following four categories:
    • Uppercase alphabet characters (A-Z)
    • Lowercase alphabet characters (a-z)
    • Numeric characters
    • Special characters (all special characters are permitted including a space)
  • Not reuse a user’s 10 most recent passwords
  • Not include your first, middle or last name
  • Not include your user ID 
  • Not include profanity, words of a vulgar nature, or any commonly used words identified by information security professionals.

Additional updates for passwords created on or after July 29, 2017:

  • Passwords will be valid for 180 days (increased from 90 days)
  • New Password Auto-Unlock feature:
    • Password lockout occurs after five incorrect password attempts within a one-hour period
    • Password lockout will auto-unlock after one hour.
    • Users may contact an account administrator at any time if they require a manual password reset for any reason including a password lockout.
  • The password auto-unlock feature does not apply to the security question lockout. Five incorrect attempts to answer security challenge questions will continue to result in a lockout that can only be reset by an account administrator.

Contact the FINRA Gateway Call Center (301) 590-6500 with any questions or send an email.