Authentication Policy

This policy is the Authentication Policy referred to in the UK Participation Agreement between Digital Completion UK Limited and (as applicable) the Participant or the Customer (Participation Agreement).

Terms which are defined in the Participation Agreement have the same meaning when used in this Authentication Policy.

The Participant or Customer (as applicable) must ensure that:

  1. User passwords contain a minimum of eight (8) characters and satisfy at least three of the following:
    1. the password includes at least one (1) uppercase letter;
    2. the password includes at least one (1) lowercase letter;
    3. the password includes at least one (1) number (0-9); and
    4. the password includes at least one (1) special character;
  2. Users cannot use a previously used password when setting a new password;
  3. Users are locked out after multiple consecutive incorrect login attempts;
  4. the unlock process is secure and involves User verification;
  5. the password reset process is secure;
  6. password expiry periods are enforced;
  7. there is a system idle lockout duration in place;
  8. Multi-factor authentication is required for application access;
  9. Users require an organisational VPN for application access; and
  10. Users who have left the organisation are deactivated from the organisation’s network in a timely manner.

PEXA is the trading name of Digital Completion UK Limited.
Registered Office: 85 Great Portland Street, First Floor, London W1W 7LT.
Registered in England and Wales. Company No. 12830944.

Our website uses cookies to make your browsing experience better. By using our site you agree to our use of cookies. Learn more.