Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Guideline on User Authentication Techniques for Computer Network Access Control



Institute for Computer Sciences and Technology National Bureau of Standards


[Withdrawn February 8, 2005] This Guideline provides information and guidance to Federal agencies on techniques and practices which can be used to control access to computer resources via remote terminals and networks. A variety of methods are described for verifying the identity of persons using remote terminals, as a safeguard against unauthorized usage. This Guideline discusses the three basic ways which may serve as a basis for verifying a person's identity: something the person KNOWS, such as a password; something the person HAS, such as a key or access card; or something ABOUT the person, such as fingerprints, signature, voice, or other personal attribute. The ability to automatically verify a person's identity via a unique personal attribute offers the prospect of greater security, and equipment for accomplishing this is beginning to emerge. There are several promising laboratory developments, although such equipment has not yet been interfaced to computer terminals to any great extent. In view of the present dependence on authentication techniques other than personal attributes, this Guideline provides advice on the effective use of passwords. This Guideline also discusses a variety of cards and badges with various forms of machine-readable coding that may be used for access control. In order to protect information used for identity verification, encryption is recommended.
Federal Inf. Process. Stds. (NIST FIPS) - 83
Report Number


access control, authentication, authorization, computer network, computer security, encryption, Federal Information Processing Standards Publication, identification token, identity verification, password, personal attribute, personal identification


Computer, I. (1980), Guideline on User Authentication Techniques for Computer Network Access Control, Federal Inf. Process. Stds. (NIST FIPS), National Institute of Standards and Technology, Gaithersburg, MD (Accessed May 24, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created September 29, 1980, Updated February 19, 2017