Date Published: June 2017 (includes updates as of 03-02-2020)
Supersedes: SP 800-63-3 (12/01/2017)
Author(s)
Paul Grassi (NIST), Michael Garcia (NIST), James Fenton (Altmode Networks)
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. The guidelines cover identity proofing and authentication of users (such as employees, contractors, or private individuals) interacting with government IT systems over open networks. They define technical requirements in each of the areas of identity proofing, registration, authenticators, management processes, authentication protocols, federation, and related assertions. This publication supersedes NIST Special Publication 800-63-2.
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. The guidelines cover identity proofing and authentication of users (such as employees,...
See full abstract
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. The guidelines cover identity proofing and authentication of users (such as employees, contractors, or private individuals) interacting with government IT systems over open networks. They define technical requirements in each of the areas of identity proofing, registration, authenticators, management processes, authentication protocols, federation, and related assertions. This publication supersedes NIST Special Publication 800-63-2.
Hide full abstract
Keywords
authentication; ; authentication assurance; ; authenticator; ; assertions; ; credential service provider; ; digital authentication; ; digital credentials; ; identity proofing; ; federation; ; passwords; ; PKI
Control Families
None selected