Skip to main content

Protect your TSP account

Protecting your TSP account is our top priority, and it’s a responsibility that we share with you as a TSP participant. While we create a secure connection to tsp.gov and give you control over your account settings, we strongly encourage you to take steps to protect your data when you’re online.

You can learn more about how to protect yourself on the internet, how to recognize scams that attempt to steal your information, and more about online security from the Federal Trade Commission.

If you’re concerned that your personal information or TSP account has been compromised, contact us immediately.

3 actions to take now to prevent fraud

1. Validate your contact information and confirm that the mailing address on your account is correct.

Go to My Account: Profile Settings to review and update your validated phone and email. You must add and validate a phone number and use two-step authentication to access your TSP account.

You can also confirm the mailing address on your account in My Account: Profile Settings. Make sure to update your mailing address if you need to.

2. Protect your user ID, password, and PIN.

Create a user ID and secure password that are unique to your TSP account, and don’t share them with anyone. Your user ID, password, and PIN are your business, and no one at the TSP will ever need to know that information for any reason. If your browser offers autocomplete, disable it so it doesn’t store your My Account login credentials.

3. Consider adding a “hold” on loan and withdrawal requests.

When you place a hold on your account, any pending or new request related to loans or withdrawals will not be processed. You can still access your account normally and manage your savings through interfund transfers and changes to your contribution allocation. You can make this request in My Account: Profile Settings by selecting “Participant Requested Hold” or by calling the ThriftLine and speaking to a TSP representative.

You’ll continue to receive any installment payments that you set up previously with a withdrawal request. We will also continue making IRS required minimum distributions (RMDs) and any court-ordered payments from your account. The hold on your account will remain in place until you call the ThriftLine and request to remove the hold.

It usually takes up to 2 business days to remove the hold from your account after we receive and verify your request. That means you do need to plan ahead for that extra step when it’s time to make a withdrawal or loan request. In the meantime, you can be sure that you’ve done everything you can to keep your TSP savings safe.

Other ways to help prevent fraud

Take these steps to help further protect your TSP account:

Be cautious with software and mobile applications

You may encounter software or mobile applications that reference the Thrift Savings Plan and prompt you for your TSP account credentials. The TSP does not support these applications. We cannot endorse any information or advice you may receive from third-party software or applications. Providing your TSP account credentials to third-party software or applications may jeopardize your account security.

How two-step authentication helps prevent fraud

All TSP participants must use two-step authentication to log in to My Account. Two-step authentication helps you protect your account against fraud by prompting you for a one-time code each time you log in. This login process is more secure because it means that online access to your account requires something you know (your user ID and password) and something you have (a one-time code that you receive on your device). Someone who tries to log in to your account fraudulently won’t be able to gain access without the code.

Learn to identify real TSP communications

We may communicate with you in several different ways:

We will not contact you about investment opportunities or authorize third parties to provide counseling or services related to your investment choices. We do not assign the terms “TSP Advisor” or “TSP Counselor” to any individual or group.

If you’re not sure whether correspondence or phone calls claiming to be from the TSP are authentic, do not provide any personal or financial information. Contact us directly if you have questions or if you need to report suspicious activity.

How we protect your TSP account

We offer you various ways to add layers of security to your account: