|
Please observe the following measures to optimize the confidentially of your username and password.
|
|
| 1. |
Password must
consist of letters and numbers and its length must be
8, with a minimum of 3 alpha and 3 numeric. e.g. "skla1739",
to increase the difficulty of guessing or cracking the
passwords. |
| 2. |
Do NOT use special characters
and space. |
| 3. |
Do NOT use 3 or more
consecutive identical characters. e.g. "333", "aaa", etc. |
| 4. |
Do NOT use sequential
characters. e.g. "123", "abc", etc. |
| 5. |
Do NOT use consecutive
keyboard characters. e.g. "qwert", "asdfg", etc. |
| 6. |
Do NOT use your Username
as your password. |
| 7. |
Do NOT use obvious passwords,
such as initials, family names, company name, your date
of birth, HKID number, telephone number or other numbers
/ letters that could be guessed or insecure. |
| 8. |
Do NOT use passwords
from other Internet sites. |
|
| Handling
of Your Password |
|
|
| 1. |
Don't disclose
your password to anyone, including the Bank staff. |
| 2. |
Don't allow anyone else
to use your password. |
| 3. |
Don't write down or record
the password without disguising it, as this can easily
lead to discovery and compromise. |
| 4. |
Don't associate your
password with your initials, family names, birthdays,
HKID card number, telephone number or similar numbers
as your password. |
| 5. |
Change your password
periodically, e.g. within 90 days or 3 months and the
new password should be different from the previous passwords. |
| 6. |
Always remember to log
off when you have completed your banking activities. |
| 7. |
Report to us immediately
any actual or suspected misuse of your password and ensure
that such a password is changed without delay. |
| |
|
| |
You are responsible
for transactions carried out using your password. |
|
| Handling
of Your Password (Continued) |
|
|
| 8. |
Beware of common
social engineering attacks, e.g. people pretending to
be a police or Bank staff to ask you to tell them your
password. |
| 9. |
Make sure that no one
is looking over your shoulder as you are typing your password. |
| 10. |
Initial passwords given
by the Bank must be changed as soon as possible when the
system is first accessed. The original print copy of this
given initial password should be destroyed. |
| 11. |
Customers should not
leave their iBanking devices (e.g., computers) unattended
if they are in the middle of a session. |
| 12. |
Exercise care in using
the iBanking devices if the computer used to access iBanking
services is likely to be shared with others. For instance,
removing the temporary files that were stored in the memory
or on the hard disks of the customers' personal computers
during usage of iBanking services, as the temporary files
may contain sensitive information of the customers such
as account numbers. |
| 13. |
Exercise caution if other
password/account information detectors installed, as it
is often very easy for people to discover the data that
you are entering data. |
| 14. |
Upon a successful log-on
to the system, you should check the date and time of the
previous successful log-on, or details of the last unsuccessful
log-on attempt since the last successful log-on. Change
your password if you feel uncomfortable of the security
of your password. |
| 15. |
Do not access
your internet banking account nor provide your user ID
and password via hyperlinks embedded in any e-mails. Please
click here for more information. |
| |
|
| |
You are responsible
for transactions carried out using your password. |
|
|
|
| 1. |
Customers must
select a password that cannot be easily guessed by other
people and does not conform to a sequential convention.
Examples of bad passwords are abcdefgh, 12345678, abcd1234,
qwertyui, 22222222, 99990000, 11122233, 12341234, etc.
|
| 2. |
Wherever possible the
customers should think of a password that means something
to them, but not to others. |
| 3. |
Customers should not
choose their passwords from dictionary words, foreign
words or words derived from dictionary words (e.g. backward
words, like "drowssap" which is simply a backward spelling
of the word "password") |
| 4. |
You may consider to choose
your password by:
| (1) |
First choosing
a phrase/sentence that is easy for you to remember
(e.g. "DBS iBanking service needs strong password
for login") |
| (2) |
Take the initials
of each words or convert the word to a letter or
number (e.g. substitute "for" by "4") : Disnsp41 |
| (3) |
Convert some characters
(e.g. 'e' to '3', 'l' to '1', 'q' to '9', 'z' to
'2'), and pick "Disnsp41" as the password. |
|
|
| |
|
Customers should not choose a username that can be easily identified, such as your name, initials, date of birth, etc. For example, the username "jennytan" can be easily identified or guessed by others compared with the username "jenny487sbck". |
|
|
|
|
|
|
