Description

NSE mandates one-time password reset for all users of eIPO and ASBA eForms platforms after November 14, 2025 to enhance security and cyber resilience.

Summary

NSE is implementing enhanced security measures for its eIPO and ASBA eForms platforms through mandatory password encryption. All users, including API users, must reset their passwords after end of day November 14, 2025. Upon successful validation of existing credentials after this date, users will be prompted to mandatorily reset passwords before gaining access to the applications.

Key Points

  • One-time mandatory password reset required for all users (including API users)
  • Affects two platforms: NSE eIPO (https://eipo.nseindia.com) and ASBA eForms (https://ipoforms.nseindia.com)
  • Password reset must be completed on or after end of day November 14, 2025
  • Access to applications will be enabled only after successful password reset
  • Implementation aims to reinforce security and improve cyber resilience

Regulatory Changes

NSE is implementing enhanced password encryption and authentication protocols for its Primary Market platforms to strengthen cybersecurity measures. This represents a system-wide security upgrade requiring user credential refresh.

Compliance Requirements

  • All market participants must reset passwords for eIPO and eForms platforms
  • Action required: Reset password when prompted after November 14, 2025
  • Both regular users and API users must complete the password reset
  • Existing credentials will be validated first, then mandatory reset prompt will appear
  • Failure to reset password will prevent login access to the platforms

Important Dates

  • November 07, 2025: Circular issued
  • November 14, 2025: End of day - Mandatory password reset implementation date
  • After November 14, 2025: Users must reset passwords to continue accessing platforms

Impact Assessment

Operational Impact: Medium - All participants using eIPO and ASBA eForms platforms must take action to reset passwords. This is a one-time administrative requirement that may cause temporary workflow disruption if users are not prepared.

Market Impact: Low to Medium - No direct impact on trading or market operations, but could affect IPO-related activities if users fail to reset passwords in time.

Security Impact: High positive - Enhanced password encryption improves overall cybersecurity posture and system resilience against potential threats.

User Impact: All participants, including API users, will need to allocate time for password reset. Organizations should proactively communicate this requirement to relevant personnel to avoid login issues.

Impact Justification

Mandatory security measure affecting all IPO platform users. Medium impact as it requires action from all participants but is a one-time administrative task to enhance system security.