Skip to main content

Protect your TSP account

Protecting your TSP account is our top priority, and it’s a responsibility that we share with you as a TSP participant. While we create a secure connection to and give you control over your account settings, we strongly encourage you to take steps to protect your data when you’re online.

You can learn more about how to protect yourself on the internet, how to recognize scams that attempt to steal your information, and more about online security from the Federal Trade Commission.

If you’re concerned that your personal information or TSP account has been compromised, contact us immediately.

Learn to identify real TSP communications

How we contact you

We will not contact you about investment opportunities or authorize third parties to provide counseling or services related to your investment choices. We do not assign the terms “TSP Advisor” or “TSP Counselor” to any individual or group.

If you’re not sure whether correspondence or phone calls claiming to be from the TSP are authentic, do not provide any personal or financial information. Contact us directly if you have questions or if you need to report suspicious activity.

What you should do to help prevent fraud

Steps you should take to protect your TSP account include:

How we protect your TSP account

Account security features we give you include:

Be cautious with software and mobile applications

You may encounter software or mobile applications that reference the Thrift Savings Plan and prompt you for your TSP account credentials. The TSP does not support these applications. We cannot endorse any information or advice you may receive from third-party software or applications. Providing your TSP account credentials to third-party software or applications may jeopardize your account security.

Two-step authentication helps prevent fraud

All TSP participants must use two-step authentication to log in to My Account. Two-step authentication helps you protect your account against fraud by prompting you for a one-time code each time you log in. This login process is more secure because it means that online access to your account requires something you know (your user ID and password) and something you have (a one-time code that you receive by phone). Someone who tries to log in to your account fraudulently won’t be able to gain access without the code.

Tips for using two-step authentication