NIST VTS 200-2 (Initial Public Draft) Implementation Guidance for the VVSG 2.0: Multi-Factor Authentication

Author(s)

Andrew Regenscheid (NIST), Gema Howell (NIST), Ryan Galluzzo (NIST), Carter Casey (MITRE), Chelsea Deane (MITRE)

Announcement

To support the implementation of the modernized standards in Version 2.0 of the Voluntary Voting System Guidelines (VVSG 2.0), NIST drafted NIST Voting Technology Series (VTS) 200-2 Implementation Guidance for the VVSG 2.0: Multi-Factor Authentication. VTS 200-2 provides guidance to address the multi-factor authentication(MFA) requirements within VVSG 2.0.

Voting systems that are certified to the VVSG 2.0 must meet the unique requirements found in the standard, such as supporting authentication without access to external networks (e.g., the internet). VTS 200-2 identifies the goals of the MFA requirements, potential challenges and constraints, and practical authenticator options.

The election community, cybersecurity and privacy professionals, election researchers, and any other interested parties are invited to review the draft and provide feedback by February 5, 2024 March 1, 2024. We encourage you to use this comment template when preparing and submitting your comments.

We appreciate your input! Feedback and comments should be sent via email to election-security [at] nist.gov (election-security[at]nist[dot]gov).