The National Science Foundation (NSF) recently issued a Dear Colleague letter (NSF 25-011)[NLD1] notifying the research community about the mandatory use of multifactor authentication (MFA) for Research.gov sign-in effective Sunday, October 27. All external users must first complete a one-time MFA enrollment process that will be available starting on October 27 and then use MFA to sign into Research.gov going forward.

What is MFA and how does it work?

MFA is a layered security measure that requires two or more authentication methods to verify a user’s identity. MFA will increase the security of the Research.gov portal because even if one authentication method such as a password becomes compromised, unauthorized users will be unable to meet the second authentication requirement and will be prevented from accessing Research.gov.

Here are the three main types of MFA and examples of each:

• Something You Know – PIN, password, or one-time passcode (OTP)
• Something You Have – Physical object such as a mobile device, laptop, USB device, key, or smart card
• Something You Are – Biometric authentication such as a fingerprint or face scan

Training Resources

Training resources, including how-to guides and frequently asked questions (FAQs), will be available on the new About Signing Into Research.gov page on Research.gov Help on October 27. This new page will assist the research community to quickly enroll in MFA and learn how to sign into Research.gov with the selected MFA method.

Questions?

If you have IT system-related questions, please contact the NSF IT Service Desk at 1-800-381-1532 (7:00 AM - 9:00 PM ET; Monday - Friday except for federal holidays) or rgov@nsf.gov.