Search Details

Reset My FISS / DDE Password

CMS has directed it’s datacenters to enforce password requirements set forth in the United States Defense Information Systems Agency’s (DISA) Security Technical Implementation Guide (STIG) with regard to RACF password quality rules. The HPE VDC has updated the OKIPC1B security system to require any new or changing mainframe password to meet these DISA STIG requirements.

CMS’ information security policy strictly prohibits the sharing or loaning of Medicare assigned IDs and passwords. Users should take appropriate measures to prevent unauthorized disclosure or modification of assigned IDs and passwords. Violation of this policy will result in revocation of all methods of system access, including but not limited to EDI front-end access or Enterprise Data Center, Resource Access Control Facility (EDC RACF) user access.

Important Reminder: Your password will expire every 30 days. To avoid calling the EDI Help Desk for a

password reset, you must logon to FSS0 and access a region at least once every 29 days. Only checking eligibility will not prevent your account from being revoked.

If you have not accessed FSS0 and logged onto a region for more than 60 days, and have only used the online Medicare system to check eligibility, your ID will be deleted requiring you to fill out a Part A Logon Request Form to get it reinstated. To avoid this, please log on to FSS0 and access a region at least every 59 days.

The password requirements are below. Please follow these guidelines when resetting your password.

  1. Password length – eight characters
  2. At least one of each of the four character types are required:
    • Uppercase Letters = ABCDEFGHIJKLMNOPQRSTUVWXYZ
    • Lowercase Letters = abcdefghijklmnopqrstuvwxyz
    • Numbers = 0123456789
    • Special Characters = $@#.<+|&!*-%_>?:=
  3. No more than three consecutive characters of the user's name or USERID may be used in the password.
  4. Consecutive repeating characters are not allowed—for example the ‘ll’ in ‘allowed’ will cause an error. Characters can be repeated, for example ‘e’ in ‘Eve’ would be acceptable, but characters used more than once cannot be immediately next to each other in the password.
  5. Only three unchanged positions of the current password are allowed to be used in the new password. An unchanged position means the same character in the same position, one through eight, in the new password.
  6. The following ‘words’ are restricted and may not be used in any position in the password:
    • IBM
    • RACF
    • PASSWORD
    • PHRASE
    • SECRET
    • IBMUSER
    • SYS1
The following abbreviations may not be used as the first characters of passwords:
APPL MAY
APR NET
AUG NEW
ASDF NOV
BASIC OCT
CADAM PASS
DEC ROS
DEMO SEP
FEB SIGN
FOCUS SYS
GAME TEST
JAN TSO
JUL VALID
JUN VTAM
LOG XXX
MAR 1234

 

Reviewed 6/6/2024