Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Giving NIST SP 800-63B a Boost: NIST SP 800-63B Supplement for Incorporating Syncable Authenticators
April 23, 2024

Today, we published our first supplement to the Digital Identity Guidelines. A supplement is a specific document type that is intended to enhance, augment, or elaborate on an existing NIST Special Publication (SP). They provide a mechanism for NIST to more rapidly adapt to changes in the technology and threat environments. This supplement to NIST SP 800-63B provides interim guidance for agencies seeking to make use of ‘syncable authenticators’ (for example, FIDO Passkeys) in both enterprise-facing and public-facing use cases. 

When implemented correctly syncable authenticators provide a phishing-resistant authenticator with many benefits, such as simplified recovery, cross device support, and consumer friendly platform authentication features (e.g., native biometrics). This supplement addresses an immediate need for many agencies by providing direction on how to use this new security technology in support of the Federal Zero Trust strategy. Comments on syncable authenticators and the overall content of the supplement can be submitted through the upcoming second public comment period for the Digital Identity Guidelines Revision 4, which will open later this year.

Related Topics

Security and Privacy: authentication

Created April 18, 2024, Updated April 22, 2024