Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Draft FIPS 201-3 and Workshop: Personal Identity Verification (PIV) of Federal Employees and Contractors

Draft FIPS 201-3, "Personal Identity Verification (PIV) of Federal Employees and Contractors," is now available for public comment through February 1, 2021.

NIST requests comments on Draft Federal Information Processing Standard (FIPS) 201-3, Personal Identity Verification (PIV) of Federal Employees and Contractors. This Standard defines common credentials and authentication mechanisms offering varying degrees of security for both logical and physical access applications. The draft revision proposes changes to FIPS 201-2, Standard for Personal Identity Verification of Federal Employees and Contractors, including:

  • expanding specification on the use of additional PIV credentials known as derived PIV credentials,
  • procedures for supervised remote identity proofing,
  • the use of federation as a means for a relying system to interoperate with PIV credentials issued by other agencies,
  • alignment with the current practice/policy of the Federal Government, and
  • specific changes requested by federal agencies and implementers.

Request for Comments

The draft of FIPS 201-3 is available for review and comment on the NIST Pages website at and as a printable PDF.

Comments on FIPS 201-3 must be received on or before February 1, 2021. Comments should be submitted on the project repository at Comments may alternatively be sent to piv_comments [at] (subject: Comments%20on%20Draft%20FIPS%20201-3) preferably using the comment template.

All submissions, including attachments and other supporting materials, will become part of the public record and subject to public disclosure. NIST reserves the right to publish relevant comments, unedited and in their entirety. Relevant comments received by the deadline will be published electronically at without change or redaction, so commenters should not include information they do not wish to be posted. Personal information, such as account numbers or Social Security numbers, or names of other individuals, should not be included. Do not submit confidential business information or otherwise sensitive or protected information. Comments that contain profanity, vulgarity, threats, or other inappropriate language or content will not be posted or considered.

FIPS 201-3 Workshop

A public virtual workshop will be held on December 9, 2020 to present Draft FIPS 201-3.  Please visit the Draft FIPS 201-3 event page for agenda and registration details. For all other inquiries, please email piv_comments [at] (subject: Comments%20on%20Draft%20FIPS%20201-3) .  

Released November 3, 2020, Updated February 10, 2021