The following information details the updated security requirements for the Energy Rating Product Registration System (the Registration System).
This information applies to all users of the Registration System.
In September 2021, the GEMS Regulator changed how users access the Registration System.
These changes included:
These changes are part of the Australian Government's ongoing focus on uplifting cyber security across all government systems. They are designed to protect you, your data and the system itself from malicious cyber activity.
Detailed information about these requirements can be found here.
Keeping the Registration System secure is everyone's responsibility.
There are several ways you can help keep the Registration System secure:
Allowing someone else to use your login details increases the risk that your account will be compromised, especially if they are used on another website that falls victim to a cyber-attack.
Keep your login details to yourself. Do not share them with anyone else, including colleagues or supervisors. The Energy Rating Team will never ask you for your passphrase.
Your individual user account is different to the Applicant ID account. The Applicant ID account is used by the company that registers products. To access the Applicant ID account, you need to be given access by the Applicant's Authorising Officer.
Shared accounts increase the risk of unauthorised users being able to access accounts. Ensuring every person who needs access to the system has their own individual user account means you can be sure that only the people who needs access to your company's information have it.
The Energy Rating Team may suspend or terminate your account access if it has been determined that multiple people are using the same account.
If you need to store your login details, use a password manager. Do not write them down or store them in unsecure locations.
Change your passphrase regularly and do not use it on another website or system. You will not be allowed to use the same passphrase more than once. The system will prompt you to change your passphrase every 90 days if you do not change it before then.
Give access to your company's Applicant ID account only to those who have a genuine need to access the information, and whom you authorise to do so.
Alert the Energy Rating Team if you notice any odd or unusual activity.
Log out of the Registration System and exit your browser when you are finished, especially on a shared computer. This will clear your login session.
Refer to the Help section of the Registration System for further details and step-by-step instructions on these changes:
You can also refer to the Australian Cyber Security Centre for tips and advice on managing your personal cyber security.
If you have questions, please contact us.