All users are advised to adopt the following security practices in the selection and use of passwords.

1. Keep your password confidential at all times.

2. Do not keep a record of your password on paper, software file or hand-held device, unless it can be stored securely.

3. Change your password at regular intervals or based on the number of accesses, and avoid re-using or cycling old passwords.

4. Select quality passwords with sufficient minimum length which are:

(i)easy to remember but not based on anything somebody else could easily guess or obtain using names, telephone numbers, dates of birth or other personal information;

(ii)free of consecutive identical, all-numeric or all-alphabetic characters;

(iii)not vulnerable to dictionary or other malicious attacks from outside.

5. Change your password whenever you find any indication of system or password compromise.

6. You must change your temporary password when you log in for the first time.

7. Do not include passwords in any automated logon process.

8. Do not share your password with anyone.

9. Do not use the same password for both business and non-business purposes.