#中国加密新规 - "Commercial Password Management Regulations": Revised and adopted at the 4th executive meeting of the State Council on April 14, 2023, to be implemented from July 1, 2023. This regulation standardizes the application and management of commercial passwords and encourages and promotes the development of the commercial password industry. The content includes improving the management system for commercial passwords, promoting technological innovation and standardization in the commercial password field, establishing a comprehensive commercial password testing and certification system, strengthening the management of electronic certification services using passwords and electronic government electronic certification service activities, and regulating the import and export management of commercial passwords.

​

- "Regulations on the Management of Commercial Password Use for Critical Information Infrastructure": Jointly issued by the National Cryptography Administration, the National Internet Information Office, and the Ministry of Public Security, officially effective from August 1, 2025. The new regulations establish the "Three Synchronization Principles," requiring that commercial password security systems be synchronized during the planning, construction, and operation phases of critical information infrastructure. At the same time, a strict full lifecycle assessment mechanism is established, requiring operators to report the usage and assessment of commercial passwords for critical information infrastructure to their respective protective work departments by January 31 each year. For violations, fines can be as high as 1 million yuan, and direct responsible persons can face fines up to 100,000 yuan.