By: VeCoya Greene
You told us that you’re frustrated by the password requirements for AESDirect, based on your responses from our most recent customer service survey.
Our goal is not to make your life more difficult; in fact, we want to protect you and the information you file to the AES. The password requirements work to achieve two goals—protecting export data from unauthorized access and protecting the privacy of our filers.
Why are the password requirements so complicated?
The rules for creating or changing your password are mandated by the Federal Information Security Management Act (FISMA) and enforced by the U. S. Department of Commerce, of which the Census Bureau is a part.
The IT security team designed the password requirements to prevent security breaches in AESDirect filer accounts.
Why do I have to change my password so often?
According to the ‘Required Security Controls for Census Bureau Information Systems’, certain rules must be followed to ensure password safety. One of those requirements is to change passwords at least once every 60 calendar days.
The Census Bureau’s security policy states that
“…the AESDirect System must adhere to security requirements established by FISMA as part of Title III of the E-Government Act of 2002. Through the enforcement of these security mandates, parameters are established based on predetermined frequencies and durations in order to strengthen the security posture of the system. All users accessing a government system are agreeing to the terms and conditions of that system.”
These security requirements strengthen the security of AES for all users!