Password Creation & Protection Guidelines

To access all Uwanjani resources, users must adhere to security policies we’ve set for them. One such policy is passwords. Passwords are a key part of our strategy to make sure only authorized people can access those resources and data. We use passwords to protect against unauthorized access to your data thus it’s important that we follow strong security password policies for your protection.

We’ve set up advanced secure mechanisms to protect your account information including passwords but it’s also the customer’s responsibility as well to further protect it.

All users that access the web portal and mobile application are responsible for choosing strong passwords for themselves and their users and protecting their log-in information from unauthorized people.

The Guidelines Include:

(a). All passwords should be reasonably complex and difficult for unauthorized people to guess. Users should choose passwords that are at least eight characters long and contain a combination of upper- and lower-case letters, numbers, and punctuation marks and other special characters; these requirements will be enforced with software when possible.

(b). Akida users must avoid basic combinations that are easy to crack when choosing passwords. For instance, choices like “password,” “password1” and “Pa$$w0rd” are equally bad from a security perspective.

(c). A password should be unique, with meaning only to the user who chooses it. That means dictionary words, common phrases and even names should be avoided. One recommended method to choosing a strong password that is still easy to remember: Pick a phrase, take its initials and replace some of those letters with numbers and other characters and mix up the capitalization. For example, the phrase “This may be one way to remember” can become “TmB0WTr!”.

(d). Users must choose unique passwords for all of their Uwanjani accounts and may not use a password that they are already using for a personal account.

(e). All passwords must be changed regularly, with the frequency varying based on the sensitivity of the account in question. This requirement will be enforced using software when possible. If the security of a password is in doubt– for example, if it appears that an unauthorized person has logged in to the account — the password must be changed immediately.

(f). Default passwords, such as those assigned to new users when they’re set up, must be changed as quickly as possible.

(g). All users should never share their passwords with any outside parties, including those claiming to be representatives of a business partner with a legitimate need to access Uwanjani.

(h). All users should take steps to avoid phishing scams and other attempts by hackers to steal passwords and other sensitive information. We’re available to offer training on how to recognize these attacks.

(i). All users must refrain from writing passwords down and keeping them at convenient physical locations.

Our dedicated support team is always available to guide further. You can reach us at support@ukall.co.ke. At Ukall Limited we value your security.