Beta This part of GOV.UK is being rebuilt – find out what beta means

HMRC internal manual

Shared Workspace Business Manual

Information Security: Password Management

HMRC Members

HMRC Members of Shared Workspace must comply with HMRC standards as defined by S&ID Policy

If an HMRC Member loses their password they must follow the standard HMRC password reset procedure.

Customer Members: Password Criteria

Customer members access Shared Workspace via the Government Gateway. The password criteria for Government Gateway passwords are:

  • The password must be 8 to 12 characters in length.
  • Only alpha / numeric characters are allowable.
  • A password must contain at least 1 letter and 1 number, with no punctuation.
  • No password history is maintained but we strongly recommend that passwords are not recycled.
  • The password has no set duration and will not ‘expire’.
  • Users are able to reset their own password once they have logged into Government Gateway.
  • Enforced password change after the customer’s first successful log-in to the Government Gateway Service.
  • Passwords must not be divulged to others. In the event of suspected or actual compromise, the customer should immediately change their password.

Lost User ID and Password

If a Customer Member loses their User ID or their Password, they will need to follow the instructions at the Online Services log-in screen.

If a Customer Member loses both their User ID and Password they must contact the Online Services Helpdesk as follows

  • Telephone: 0300 200 3600
  • Textphone: 0300 200 3603
  • Outside UK: +44 161 930 8445

NOTE: the Helpdesk will require the Member to provide adequate ID before help is given which may include providing the SWS Activation token and Member ID.