3
|
The following apply in case of electronic password:
- The initial electronic password shall be generated randomly, and shall not be related to the user's identity, account number, or other personal user information.
- The electronic password shall be a strong password as defined in the TWSE Rules for Establishing Information Security Inspection Mechanisms for Securities Firms.
- The electronic password shall be stored in encrypted form.
- The period of validity for any electronic password to be activated may not exceed one month, and if the password has not been activated after one month, a new application for a password must be made. The securities firm or futures commission merchant shall effectively verify the investor's or trader's identity and retain relevant records, before it may accept the investor or trader application.
|