Effective on and after October 27, 2024, NSF is requiring multifactor authentication (MFA) for its Research.gov portal. All users will be required to complete a one-time MFA enrollment process and then use MFA to sign into Research.gov.
Training resources, including how-to guides and frequently asked questions (FAQs) will be available on the new About Signing Into Research.gov page, located under the Research.gov Help page starting October 27. This new page will assist the research community with enrolling in MFA and learning how to sign into Research.gov with the selected MFA method.
For full details, please see NSF 25-011.
What is MFA and how does it work?
MFA is a layered security measure that requires two or more authentication methods to verify a user’s identity. Per NSF, MFA will increase the security of the Research.gov portal because even if one authentication method such as a password becomes compromised, unauthorized users will be unable to meet the second authentication requirement and will be prevented from accessing Research.gov.
Here are the three main types of MFA and examples of each:
- Something You Know – PIN, password, or one-time passcode (OTP)
- Something You Have – Physical object such as a mobile device, laptop, USB device, key, or smart card
- Something You Are – Biometric authentication such as a fingerprint or face scan