Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-63-2

Electronic Authentication Guideline

Date Published: August 2013

Supersedes: SP 800-63-1 (12/12/2011)

Planning Note (06/22/2017):

SP 800-63-2 is superseded by the SP 800-63 suite, as follows: 


William Burr (NIST), Donna Dodson (NIST), Elaine Newton (NIST), Ray Perlner (NIST), W. Polk (NIST), Sarbari Gupta (Electrosoft Services), Emad Nabbus (Electrosoft Services)



authentication; authentication assurance; credential service provider; electronic authentication; electronic credentials; identity proofing; passwords; PKI; tokens
Control Families

Identification and Authentication


Download URL

Supplemental Material:
None available

Document History:
08/29/13: SP 800-63-2 (Final)


Security and Privacy

authentication, cryptography, public key infrastructure