NIST’s National Cybersecurity Center of Excellence (NCCoE) recently released a second draft of the NIST Cybersecurity Practice Guide SP 1800-12 Derived Personal Identity Verification (PIV) Credentials. The new draft document is available online, and feedback and public comment will be accepted through October 1, 2018. Although the PIV and the NCCoE Derived PIV Credentials project are primarily aimed at the federal sector, both are relevant to mobile device users in the commercial sector using smart card-based credentials as well. This document is part of the NCCoE’s effort to address the challenge of derived PIV credentials through collaboration with members of the information technology (IT) community, including vendors of cybersecurity solutions.