Passwords must contain at least eight characters, and must include at least one uppercase character, one lowercase character, one numeric character, and one special character (such as @, #, or $). All passwords expire after 90 days.
To create more secure passwords, increase the number of characters and use additional characters from all three types of acceptable characters (listed below).
- Alphabetic characters: A to Z, uppercase and lowercase
- Special characters: For example, !, @, #
Use passwords like this
- Replace letters with similar-looking characters; for example, replace the number zero (0) with O.
- Replace words with representative characters; for example, replace the word "and" with & or the word "up" with ^.
Do NOT use passwords like this
- Do not use your login; your email address; or your first name, middle name, or last name. (Your firm has the option to prohibit the use of logins and names in passwords.)
- Do not use common words that are in dictionaries. Password-cracking applications can run through millions of possible word combinations in seconds.
- Do not use repeating characters or keyboard strings. For example, do not use aaaaaa1, 111111a, asdfasdf1, or a1234567.
Other important information
- Do not share your password with anyone.
- Do not write down your password.
Note: If anyone makes ten consecutive attempts to log in to a portal using an incorrect password, we will disable the login. We will also send an email message to the email address that is assigned to the portal login; the email message notifies the user of the unsuccessful login attempts, and provides a link to enable the login. We will enable the login after 30 minutes or when the user clicks the link in the email message.