Frequently Asked Questions |
|
1. How
can I securely access my TSP account information?
If you want to access account information and make on-line transactions through this Web site, your browser must have Secure Sockets Layer (SSL) and 128-bit encryption. To access account information through either this Web site or the ThriftLine, you will need to use your Social Security number (SSN) and your TSP Personal Identification Number (PIN). If you have forgotten your PIN, you can get a new one through Account Access or by calling the ThriftLine.
2. How
does the TSP safeguard account information on the Internet?
There are three ways the TSP keeps account information secure:
3. What
if I do not want to have online access to my TSP account information?
You can block online access to your personal TSP account information by writing to the TSP Service Office, National Finance Center, P.O. Box 61500, New Orleans, LA 70161-1500. Include your SSN and your date of birth in your letter. Note, however, that if you block online access, you will not be able to access your personal TSP account information on either this Web site or the ThriftLine. (You will have to write to the TSP Service Office to unblock access.)
Encryption is a process by which your password and all information relating to you and your TSP account information is scrambled and locked with a mathematical key during an electronic transaction for your protection. Most browsers have an icon such as a key or a lock to represent an encrypted mode or session. A broken key, open lock, or no lock indicates that the session or mode is not encrypted.
5. How
does my Web browser affect the security of TSP account information?
Your Web browser must meet TSP requirements for maintaining the privacy and security of your TSP account information. Your Web browser must support Secure Sockets Layer (SSL) and 128-bit encryption. The 128-bit encryption must be downloaded and activated on your browser.
For more information about encryption on your browser, look in the security information section of the browser's "Help" feature. You can also contact Netscape, Microsoft, your system administrator, or your Internet service provider for information about the level of encryption on your browser.
6. I work
overseas. I am unable to use the Account Access feature because of restrictions on
128-bit encryption. What can I do?
This Web site now uses upgraded encryption International Step-up or Global Server ID that establishes temporary 128-bit encrypted sessions for overseas TSP participants when they use the Account Access section of this Web site. This encryption is accessible to you if you use a recent version of a browser, such as Netscape Navigator, or later versions of Microsoft Internet Explorer. You can find technical information about this encryption technology on the Internet.
7. With
Microsoft Internet Explorer, my SSN and PIN are automatically filled in after I type the
first digit of my SSN. What can I do to eliminate this security hazard?
We are aware that this happens with some computer systems and have determined that its source is the AutoComplete feature of the MSIE (Microsoft Internet Explorer) browser. We recommend that you disable this feature immediately so that it does not store a SSN or PIN previously entered in your MSIE file.
To disable the AutoComplete feature:
8. My SSN
and PIN work on the ThriftLine. However, when I use the AOL, Web-TV, or Unix
browser, I sometimes get an invalid SSN/PIN error, or the message "The security
certificate was signed by an unknown authority." How can I correct this?
We have discovered that most Unix, AOL, and Web-TV users who are experiencing difficulties accessing their TSP accounts do not actually have the most recent browser and encryption module installed. Downloading and installing the latest browser and/or operating system patches that have 128-bit encryption usually takes care of the problem. You can generally download the latest version of a browser with the necessary encryption free of charge from the Internet. However, if the problem persists, we recommend using the most recent version of the Netscape Navigator browser.
9. My
browser certificate has expired. What does that mean? What should I do?
This is not a TSP-related issue. If you try to access one of our Account Access secure pages and you encounter a warning dialog box stating "Certificate Authority has expired," the warning message refers to the root VeriSign® Certificate Authority (CA) certificate expiration, which does not affect the Secure Sockets Layer (SSL) encryption used with this Web site.
You can avoid the warning by upgrading your browser. To download the latest version of your preferred Internet browser now, visit either Netscape's Web site, www.netscape.com, or Microsoft's Web site, www.microsoft.com.
10. What
should I do if my version of Netscape is affected by the two FedCIRC Advisories
FA-2000-05, "Netscape Navigator Improperly Validates SSL Sessions," and
FA-2000-08, "Inconsistent Warning Messages in Netscape Navigator"?
This is not a TSP-related issue. These advisories represent Internet security flaws that occur when security certificates have expired. You can avoid the security flaws of older versions of browsers by checking to see whether your browser's security certificates have expired and, if necessary, upgrading your browser to the latest version. To download the latest version of your preferred Internet browser, visit either Netscape's Web site, www.netscape.com, or Microsoft's Web site, www.microsoft.com. For background information regarding security flaws and possible technical solutions, click on Security Advisories.