What are best practices for password and PIN safety?
• Website passwords should be at least 6 digits or 6 alphanumeric characters, without repeating any digit or character more than once. • Website passwords should not be based on user-id, personal telephone number, birthday or other personal information. • Website passwords must be kept confidential and not be divulged to anyone. • Website passwords must be memorised and not be recorded anywhere. • Website passwords should be changed regularly. The same password should not be used for different websites, applications or services, particularly when they relate to different entities. • Do not allow anyone to keep, use or tamper with your digital key (one time electronic PIN generator). • Do not reveal the PIN(s) generated by your digital key to anyone. • Do not divulge the serial number of your digital key to anyone.
