1.   The application of the electronic central register shall be accessible to internal users only by using two-factor authentication.

2.   EBA shall provide a default username and password and the other security credentials to the internal users for accessing the application of the electronic central register.

3.   Internal users shall be required to change their default username and password at their first log-in into the application of the electronic central register.

4.   EBA shall ensure that the authentication method applied allows the identification of each internal user.

5.   EBA shall ensure that the application of the electronic central register does not allow information to be inserted or modified in the electronic central register by persons who do not have access to the application of the register or who do not have the appropriate permissions to do so.