The IRS Security Summit, composed of the IRS, state tax agencies and industry partners (including TaxAct), has developed new and expanded safeguards to help fight identity theft. The additional requirements focus on "trusted customer" features to authenticate tax preparers, taxpayers, and tax returns.
The IRS Security Summit's new requirements apply to all professional tax products across the industry, including TaxAct Professional's solutions.
In order to comply with these requirements designed to protect your and your clients' data, TaxAct Professional will employ all of the following security and multi-authentication measures for the 2016 tax season. (TaxAct implemented some of these last tax season but they were optional or slightly different.)
- Multi-factor user authentication – TaxAct Professional download software and online solutions will require sign in using your TaxAct Account username and password every 24 hours. Re-authentication is required after 30 minutes of inactivity in a work session. Additionally, users will be required to enter a unique code whenever you sign in to a device for the first time.
- Stronger account passwords – Your TaxAct Account password will expire every 90 days. We will send you a reminder email several days before your password expires.
- Passwords are also now required to have a minimum number of characters, upper and lower case letters, numbers and special characters.
- Account protection – After three unsuccessful attempts to sign in to a TaxAct Account, the account will be automatically locked. (If you can’t remember your username or password, be sure to use the "Forgot" links on the sign in page.)
- Robot-fighting technology – Captcha is used to verify that a human being is signing in. It’s considered one of the first lines of defense in fighting identity theft because automated bots will stop attempts if Captcha is detected.
We realize these requirements may be an inconvenience, but these measures are being followed by the entire industry in order to safeguard you and your clients and to prevent identity theft and the sort of measures to respond to a security breach the IRS outlines here: https://www.irs.gov/newsroom/what-to-do-if-you-suffer-a-data-breach-or-other-security-incident.
Please remember to do your part to help protect your and your clients' data:
- Review the TaxAct System Requirements – TaxAct does not support Vista and we recommend using IE 11 or greater as your web browser.
- Stay current with IRS security announcements. Bookmark the IRS "Protect Your Clients; Protect Yourself" resource page.
- Follow the guidelines in IRS Publication 4557, Safeguarding Taxpayer Data, A Guide for Your Business, which includes a checklist to help safeguard your clients' data and enhance your office security.