U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Revised Guideline for Electronic Authentication of Users Helps Organizations Protect the Security of their Information Systems

Published

Author(s)

Shirley M. Radack

Abstract

This bulletin summarizes the information presented in NIST Special Publication (SP) 800-63-1, Electronic Authentication Guideline. This revised guideline, which supersedes an earlier guideline, NIST SP 800-63, updates information about, and recommendations for the secure implementation of electronic authentication methods, reflecting changing technology and current uses of e-authentication techniques. SP 800-63-1 provides technical guidelines to assist agencies in authenticating individuals remotely accessing Federal information technology (IT) systems. The bulletin covers Office of Management and Budget (OMB) Memorandum M-04-04, E-Authentication Guidance for Federal Agencies, which directs agencies to implement e-authentication methods based on their assessments of risks and the assurance levels required to protect systems and privacy; the steps in the e-authentication process; and the technical requirements for four assurance levels. References are provided to additional sources of information on e-authentication.
Citation
ITL Bulletin -
NIST Pub Series
ITL Bulletin
Pub Type
NIST Pubs

Download Paper

Local Download

Keywords

authentication, authentication assurance, electronic authentication, electronic credentials, electronic transactions, identity proofing, information security, passwords, Personal Identity Verification, privacy, Public Key Infrastructure, risk assessments, risk management, security controls, system security, tokens
Information technology and Cybersecurity

Citation

Radack, S. (2011), Revised Guideline for Electronic Authentication of Users Helps Organizations Protect the Security of their Information Systems, ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=910388 (Accessed December 15, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created December 22, 2011, Updated January 27, 2020