New options for more secure authentication

Your account security is important to us. If you’re using text (SMS) messages or voice calls as a second factor to verify your account, you must switch to a more secure multifactor authentication (MFA) method by April 30. Starting May 1, you will only be able to use email verification or one of the MFA methods listed below to verify your identity when signing into your USPTO.gov account to access one of our online services.

For more information on MFA, please read through our multifactor authentication frequently asked questions.

Below are several MFA options available for you to choose from that are more resistant to phishing or cyberattacks. After you choose an option, you must download, install, and configure the method on your device.

Okta Verify

Our agency uses the Okta platform to securely connect you to our applications and tools. Okta Verify is an application to help confirm your identity when signing in to your USPTO.gov account. When using this authenticator, you will receive a code from Okta and use it with your password.

You will have to download and configure Okta Verify and set up the application on your devices. For more information, see the Okta Verify help page.

To enroll in Okta Verify, you'll want to read through these sample instructions specific to your device's operating system:

If you have questions about registering or configuring Okta Verify for your USPTO.gov account, you can send an email to OktaVerify.Help@uspto.gov.

Authenticator applications

Authenticator applications can be downloaded to your mobile or desktop device to help prove your identity. If an unauthorized user attempts to log into your account, the app notifies you and denies them access.

Time-based one-time password (TOTP) is the mechanism an authenticator app uses to generate short-lived authentication codes when you access our systems. If you are unable to log in within the timeframe, you’ll receive another code to enter when prompted.

If you don’t have an authenticator app, you can download and install one on your smartphone or other device. There are many authenticator apps that use TOTP, including Google Authenticator, Authy, Duo Security, Microsoft Authenticator, Okta Verify and others. You will have to research the options to decide which one works best for you.

Security keys or biometric authenticators

A security key is a hardware device you can use when you log in to our systems. Instead of entering a code after a password, you tap or insert a security key into your phone or computer to confirm your identity. Fast Identity Online (FIDO2) is the current standard for these devices. You must choose a device that complies with this standard. For information, read the FIDO Alliance’s webpage How Passkeys Work.

Note: This device must be purchased.