NSF’s New MFA Rules: Secure, But at What Cost?

Starting October 27, 2024, the NSF’s new MFA requirements for Research.gov are raising eyebrows. The NSF’s new MFA requirements will force users to authenticate through biometric-enabled physical passkeys or government-issued PIV/CAC cards, which are only on desktops. No more quick mobile verifications; now you’ll need to plug in a passkey or use biometric authentication like a fingerprint scan.

This shift poses serious barriers to the very communities the NSF aims to support. Many applicants may face financial burdens from purchasing passkeys or upgrading tech to support biometrics. ESL applicants and those with disabilities may struggle with the complex new process.

This change means more hassle for anyone assisting with NSF proposals remotely, particularly consultants and firms working on behalf of clients. It’s a security upgrade, sure—but it’s also a logistical headache. If you’re thinking, “Aren’t we supposed to be more mobile-friendly?” you’re not alone in that sentiment.

The MFA policy, in the name of heightened security, mandates a government-level solution for everyone. So, whether you’re sitting in an office or traveling, you’ll need that physical passkey plugged into a desktop to get through. Plan ahead because missing this deadline means being locked out of Research.gov.

For clients, this means setting aside time and budget to acquire and configure these passkeys—or prepping their own staff for hands-on proposal submission. It’s frustrating, but ignoring this change isn’t an option. If you don’t adapt, you’ll simply be locked out of Research.gov, and no proposal can be submitted.

Fortunately, our clients can authorize us as an AOR (Authorized Organizational Representative) or OAU (Other Authorized User), allowing us to handle MFA from our desks and submit proposals on their behalf. Full details on the changes can be found here.

If you have IT system-related questions, please contact the NSF IT Service Desk at 1-800-381-1532 (7:00 AM – 9:00 PM ET; Monday – Friday except for federal holidays) or to rgov@nsf.gov.

Understanding that security is essential, we’re here to help you navigate this transition effectively. We recognize that the new process may not fit every need perfectly, but our team is ready to support you with tailored guidance and compliance planning. Reach out to us, and we’ll work together to make this shift as seamless as possible, ensuring you stay confident and prepared along the way.

Dear Colleague Letter: Multifactor Authentication Implementation for Research.gov

October 11, 2024 Dear Colleagues: As part of our ongoing commitment to enhancing security and safeguarding NSF’s IT systems, user accounts, personal and scientific data, and the integrity of the merit review process, effective on October 27, 2024, the U.S. National Science Foundation (NSF) is implementing multifactor authentication (MFA) for Research.gov.


Ready To Take the Next Step?

We assist our clients in locating, applying for, and evaluating the outcomes of non-dilutive grant funding. We believe non-dilutive funding is a crucial tool for mitigating investment risks, and we are dedicated to guiding our clients through the entire process—from identifying the most suitable opportunities to submitting and managing grant applications.