Registering as an RDS Secure Website User

User Roles:

AM

AR

AC

D

This page contains answers to Common Questions about registering as an RDS Secure Website user. Review this page to learn about how to register as an RDS Secure Website user, how often to change your Password, and more. For additional information refer to the Register as an RDS Secure Website User section of the RDS User Guide.

What is a Login ID?

ANSWER: Each user creates a Login ID during Registration, which allows access to the RDS Secure Website.

Create a Login ID based on the following requirements:

  • Must be 8 to 15 characters
  • Can only contain Uppercase letters, Lowercase letters or numbers

Answer ID: 300-1
Date Posted: 10/17/2014

Return to top

What are Security Questions?

ANSWER: During Registration, each user selects two Security Questions and enters Answers to those Security Questions.

The Security Questions are used to protect personal information, allow RDS users to provide an Electronic Signature, and to reset Passwords.

Note: Security Questions can only be changed once in a 24-hour period.

Answer ID: 300-2
Date Posted: 10/17/2014

Return to top

What are the Password requirements?

ANSWER: Each user creates a Password during Registration, which allows access to the RDS Secure Website.

Create a Password based on the following requirements:

 

  • Must be 8 to 14 characters in length
  • Must begin with a letter
  • Must include each of the following:
    • 1 - Lowercase letter
    • 1 - Uppercase letter
    • 1 - Number
    • 1 - Special character
  • Must not contain the Login ID
  • Must not contain a reserved word. For more information, refer to Reserved Words List
  • Must not be a dictionary word or name
  • Password cannot match 4 consecutive characters in the most recent Password
  • Password cannot match any of the previous 6 Passwords

Note: A Password can only be changed once in a 24-hour period.

Answer ID: 300-3
Date Posted: 10/17/2014

Return to top

How often do I have to change my Password?

ANSWER: Passwords must be changed every 180 days.

Answer ID: 300-4
Date Posted: 10/17/2014 Last Updated: 11/21/2014

Return to top

How do I register as an Account Manager?

ANSWER: Refer to Account Manager Registration for required registration information and step-by-step instructions.

Answer ID: 300-5
Date Posted: 10/17/2014

Return to top

How do I register as an Authorized Representative?

ANSWER: Refer to Authorized Representative Registration for required registration information and step-by-step instructions.

Answer ID: 300-6
Date Posted: 10/17/2014

Return to top

How do I register as an Actuary?

ANSWER: Refer to Actuary Registration for required registration information and step-by-step instructions.

Answer ID: 300-7
Date Posted: 10/17/2014

Return to top

How do I register as a Designee?

ANSWER: Refer to Designee Registration for required registration information and step-by-step instructions.

Answer ID: 300-8
Date Posted: 10/17/2014

Return to top

What is the User Agreement?

ANSWER: The User Agreement is an agreement put forth by the Centers for Medicare & Medicaid Services (CMS) Retiree Drug Subsidy (RDS) Center that outlines the terms and conditions of accessing the RDS Secure Website. The User Agreement covers purpose, privacy policy, systems of records, links, pop-up advertisements, outdated information, accessibility, and the Freedom of Information Act (FOIA), along with all subsets of these topics. For reference, the text of the User Agreement is available on the Agreements page.

Answer ID: 300-9
Date Posted: 10/17/2014

Return to top

What is Multi-Factor Authentication (MFA)?

ANSWER: Multi-Factor Authentication (MFA), also known as two-step or two-factor authentication, is a security enhancement that allows you to provide two pieces of evidence, or "factors", to confirm your identity when logging in to your RDS Secure Website account. These credentials fall into two categories: something you know (i.e., your Login ID and Password) and something you have (i.e., your personal device).

Updated Federal security policies require that each RDS Secure Website account must activate Multi-Factor Authentication (MFA) prior to accessing the RDS Secure Website. Users must enter their Login ID, Password, and MFA token to access the Secure Website. MFA can be configured on only one device at a time. CMS' RDS Center has implemented Google Authenticator as the independent token generation software for the RDS Secure Website. Google Authenticator is a free application that is available for download to an iOS or Android device.

Individuals are responsible for maintaining and protecting their RDS Secure Website account access. It is a violation of Federal law to share or transfer user accounts or Login and Password information.

Refer to Multi-Factor Authentication for additional information.

Answer ID: 300-10
Date Posted: 8/16/2019

Return to top