UPDATE 17 May 2014: DFAS Relaxes Password Restrictions
The Defense Finance and Accounting Service (DFAS) is changing the requirements for password strength for MyPay accounts. Because it is a big change, they are phasing in the MyPay password changes over the next few months. Be prepared so that you won't be locked out of your MyPay account.
Who?
Everyone who uses MyPay to access their military pay information will eventually need to change to a "strong" password. This includes limited access user accounts.
What?
The new password requirements are more stringent than the old password requirements. In addition, passwords will need to be changed every 60 days. You may not repeat a password until there have been more than 10 password changes, and each new password must have at least four differences from the previous password.
Requirements include:
- Must be 15 to 30 characters in length
- Contain at least two UPPERCASE letters
- Contain at least two lowercase letters
- Contain at least two numbers (0-9)
- Contain at least two of the following special characters:
- # (pound or number sign)]
- @ (at sign)
- $ (dollar sign)
- = (equal sign)
- ^ (caret)
- ! (exclamation)
- * (asterisk)
- _ (underline/underscore)
- Must NOT include any spaces
DFAS has suggestions for creating and remembering a strong password.
When?
The changes are being implented based upon the last two digits of your social security number. Your old password will expire on this date, and you will be required to create a new "strong" password.
- 00-14: June 15, 2013
- 15-29: July 1, 2013
- 30-44: July 15, 2013
- 45-59: August 1, 2013
- 60-74: August 15, 2013
- 75-89: September 1, 2013
- 90-99: September 15, 2013
Why?
MyPay account access allows access to a wide range of financial information and the ability to make changes, including depositing account information and allotments. Therefore, it is essential that access is secure. Switching to strong password requirements will help protect your financial information and your money.
Intellectually, I know this is a good thing. However, as a person who struggles with passwords every day, this is just going to be one more hassle in my life. What do you think?