Two-Factor Authentication Requirement Update

Greetings, 

As mentioned last April, NIH will require two-factor authentication (2 FA) for eRA Commons access.

NIH has an updated deadline and approach, and also provided more details in the recent NOT-OD-21-172.

Starting September 15, 2021, all PIs and key personnel associated with an application or Research Performance Progress Report (RPPR) will be required to use two-factor authentication 45 days after the submission of their competing grant application (Type 1 or 2) or their RPPR.

eRA will also send reminder messages during the 45-day period to those individuals required to use the new two-factor authentication.

NIH does not yet require administrative account holders (this includes AO accounts) to use two-factor authentication until early 2022. NIH encourages administrators with only a single eRA administrative account to start using two-factor authentication now to access eRA systems.

NIH Resources

• NOT-OD-21-172: Adjusted Timeline for Requiring Two-Factor Authentication to Access eRA Modules Using Login.Gov or InCommon Federated Accounts
• Two-Factor Authentication to Access eRA Modules: See When You Need to Transition
• Two-Factor Authentication: Accessing eRA Modules via login.gov
• Two-factor Authentication video tutorials:
  • Two-Factor Authentication: Accessing eRA Modules via login.gov
  • What to Do If You Already Have a login.gov Account
  • What to Do If You Want to Switch to a Different login.gov Account

Thank you,
The Office of Sponsored Programs