An area of growing concern for FAASTeam Representatives is that of IT security awareness, especially for the FAA web site www.FAASafety.gov. Because the permission levels granted to FAASTeam Representatives convey the ability to use the SPANS system and to validate WINGS and AMT Awards Program credits, FAA IT Security standards require that your password on FAASafety.gov be changed every 90 days – four times a year, and that the password meets complexity requirements, as stated on FAASafety.gov. We appreciate your understanding of this requirement - a requirement over which we have no control.
The rationale for this regular password change requirement is that when you validate a WINGS credit, you are, in effect, helping the pilot meet a regulatory requirement – namely that of satisfying the requirements of 14 CFR part 61.56, Flight Review. 14 CFR part 61.56(e) says, in short, that completing a phase of WINGS satisfies the Flight Review requirement.
If someone used your log in and password to your account on FAASafety.gov, they could fraudulently validate a credit, and a pilot would erroneously believe he/she meets the Flight Review requirement.
So please, protect your password! Don’t let someone look over your shoulder as you log into your Representative account. In addition, don’t leave your computer unattended while you are still logged into your Representative account. If you must leave your computer, please log out of your account. Furthermore, if you maintain a list of passwords, that list must be password-protected as well.
The bottom line is that security, and especially IT security, must be an item of consideration whenever you are acting as a FAASTeam Representative.