1.The Union registry shall issue each authorised representative and additional authorised representative with a username and password to authenticate them for the purposes of accessing the registry.
2.An authorised representative or additional authorised representative shall only have access to the accounts within the Union registry which he is authorised to access and shall only be able to request the initiation of processes which he is authorised to request pursuant to Article 19. That access or request shall take place through a secure area of the website of the Union registry.
3.In addition to the username and password referred to in paragraph 1, national administrators shall provide secondary authentication to all accounts administered by them. The types of secondary authentication mechanisms that can be used to access the Union registry shall be set out in the Data Exchange and Technical Specifications provided for in Article 71.
4.The administrator of an account may assume that a user who was successfully authenticated by the Union registry is the authorised representative or additional authorised representative registered under the provided authentication credentials, unless the authorised representative or additional authorised representative informs the administrator of the account that the security of his credentials has been compromised and requests a replacement.