Protecting Your Identity

Safeguarding your information is a top priority at the Tax Commission. With current trends in online hacking, identity theft, and other criminal activity, every business, government agency, and individual must take precautions and be alert.

To help safeguard your information and keep your money from going to criminals, the Tax Commission may need to verify your identity. Learn about the letter(s) you may have received.

Identity theft is one of the fastest-growing crimes in the U.S. We’re committed to identifying and stopping tax identity theft wherever possible, and to helping victims to safely file their tax returns and receive the refunds they’re entitled to.

When someone deliberately falsifies a tax return to either reduce tax owed or obtain a refund that isn’t deserved, that’s tax fraud. If you suspect or know of an individual or business that’s violating Idaho tax laws, you can report this activity.

A more secure computer

To ensure that your computer is more secure, we strongly recommend you take the following precautions:

  • Routinely scan for viruses and malware. Scan your computer with trusted antivirus/anti-malware software and perform the actions recommended by the software.
  • Keep your operating system and browser up to date. Enable automatic updating for your computer operating system and browser or update them as soon as you get a notification.
    • To check for browser updates in Internet Explorer, select the Tools tab and click Windows Update.
    • In Firefox, click the Firefox menu on the browser’s menu bar and select “About Firefox.” Updates will download immediately when the “About Firefox” window opens.
    • Google Chrome performs automatic updates by default.
    • Apple Safari prompts for updates through your Mac’s Apps program.
      NOTE: These are supported browsers for accessing TAP.

Your password’s a key

Protect all your passwords. They are keys that unlock the door to your personal information.

  • Never enter your password after following a link in an email. Go to the web address (URL) in your browser to sign in.
  • Never tell anyone your password. (TAP will never email you to ask for your password or other sensitive information.)
  • If you worry your password may have become compromised, change it immediately. (Here’s how to change your password in TAP.)
  • Avoid emailing passwords.
  • If you use a public computer, log out of your account after you’re done. Look for the confirmation message that you are logged out before leaving the computer.
  • Be cautious when conducting secure business using public or free Wi-Fi.

Creating a strong password

Always use a strong password. A strong password has 10 to 15 (or more) characters that are random combinations of letters, numbers, and special characters.
“Special characters” include: ˜ ! @ # % ^ & * _ – + = ? / | \ ; : [ ] { } ( ) < > . ,

The Tax Commission is committed to protecting you and your information from identity thieves. To safeguard your data, we’ve adopted security requirements set by the National Institute of Standards and Technology (NIST). We understand that creating and changing passwords requires extra effort. However, this extra effort results in enhanced security for you. Our responsibility is to make sure that only you can access your sensitive information. Some of our security enhancements include:

  • Requiring strong passwords (upper case letter, lower case letter, number, and special character).
  • Requiring that passwords be changed every 90 days. (You can reset your TAP password whenever you wish.)
  • Requiring a password to verify that you intend to make a payment.
  • Requiring 2-factor authentication.

2-factor authentication

Our TAP (Taxpayer Access Point) system allows you to file most permit-based return(s), pay your taxes, and view and update your tax records. (Learn more about TAP.)

To protect your identity and your TAP account information, the Tax Commission uses 2-factor authentication for a second layer of security for your account.

When you log in to TAP with your username and password, you’ll receive either a text message, an email, or both (depending on your preference) within a few minutes. Enter this code in the appropriate field on your login screen.

If you want to change this information, Visit your Account Profile page and choose to receive a text message, an email, or both. (Be sure your phone number and email address are correctly entered in your profile before you save this information in your account.)

If you typically use a computer that isn’t shared with others, you can select “trust this browser,” and a cookie will be stored on your computer so you can log in without receiving the 2-factor authentication prompt. The cookie is tied only to that browser and computer.