New options for more secure authentication

By May 1, 2025, we will switch to more secure multifactor authentication (MFA) mechanisms to access your USPTO.gov accounts. After this date we will no longer offer Short Message Service (SMS messages) or voice calls as verification options. If you use email as a second factor to authenticate your account, that option remains available.

Your account security is important to us. In order to strengthen the systems that protect your information and our agency, we wanted you to know about new MFA options you can use. These options will help ensure proper authentication when you access your USPTO.gov account and can help protect your account against phishing or cyberattacks. For more information on MFA in general, please read through our multifactor authentication frequently asked questions.

Below are the three MFA options available for you to choose from that are more resistant to phishing or cyberattacks:

Okta Verify

Our agency uses the Okta platform to securely connect you to our applications and tools. Okta Verify is an application to help confirm your identity when signing in to your USPTO.gov account. When using this authenticator, you will receive a code from Okta and use it with your password.

You will have to download and configure Okta Verify and set up the application on your devices. For more information, see the Okta Verify help page.

To enroll in Okta Verify, you'll want to read through these sample instructions specific to your device's operating system:

If you have questions about registering or configuring Okta Verify for your USPTO.gov account, you can send an email to OktaVerify.Help@uspto.gov.

Authenticator applications

Authenticator applications can be downloaded to your mobile or desktop device to help prove your identity. If an unauthorized user attempts to log into your account, the app notifies you and denies them access.

Time-based one-time password (TOTP) is the mechanism an authenticator app uses to generate short-lived authentication codes when you access our systems. If you are unable to log in within the timeframe, you’ll receive another code to enter when prompted.

If you don’t have an authenticator app, you can download and install one on your smartphone or other device. There are many authenticator apps that use TOTP, including Google Authenticator, Authy, Duo Security, Microsoft Authenticator, Okta Verify and others. You will have to research the options to decide which one works best for you.

Security keys or biometric authenticators

A security key is a small hardware device that you can use to log in to our systems and applications. Instead of entering a code after a password, you tap or insert a security key into your phone or computer to confirm your identity. Fast Identity Online (FIDO2) is the current standard for keys. For more information on this option, the Fido Alliance’s How Fido Works has details.

Note: This device must be purchased.