In order to sign into Research.gov, you must register for an NSF account. Refer to the link here if you need to register for an NSF account. You can sign into Research.gov using one of the following three options:
Effective on October 27, 2024, NSF implemented multifactor authentication (MFA) for Research.gov as part of an ongoing commitment to enhancing security and safeguarding NSF's IT systems, user accounts, personal and scientific data, and the integrity of the merit review process. This extra step protects both the research community and NSF. See Dear Colleague Letter (NSF 25-011) for details. View the MFA Options Overview.
Sign into Research.gov account with your NSF ID + password or Primary Email address + password. If you access Research.gov using NSF credentials, you must set up MFA in Research.gov to sign in.
The MFA options that will display and will be available to select will depend on what role you have in Research.gov. If you have a financial or administrative role, you must use a phishing-resistant MFA method. If you have other roles such as Principal Investigator or Reviewer which do not have financial or administrative privileges, you can select an MFA or phishing-resistant MFA method; however, NSF strongly recommends that all users choose a phishing-resistant MFA. NSF urges you to also set up a secondary MFA method in case your primary MFA method is unavailable (e.g., you do not have their mobile phone with you).
Follow the step-by-step instructions in the how-to guide linked below for each MFA method. View the Frequently Asked Questions for additional guidance.
Depending on your role in Research.gov, there are Google Authenticator and Okta Verify MFA options and Security Key and Biometric phishing-resistant options. The following table shows the roles and corresponding MFA options.
User Role | MFA Options Set Up in Research.gov | ||
---|---|---|---|
Phishing- resistant MFA | Users with Administrative and Financial Roles: |
| |
|
| ||
MFA | Other Users |
| |
|
|
Refer to the table below to determine the device and operating system requirements needed for each MFA security method in Research.gov:
Requirements | |||||||
---|---|---|---|---|---|---|---|
Security Methods | How to Guides | Video Tutorials | Physical Devices | Operating System | Installation | Allows Sign-in from Multiple Devices? | |
Phishing- resistant MFA | PassKey | ![]() | Mobile device (smartphone or tablet) |
| Yes | ||
PIN | ![]() | Windows computer with Windows Hello for Business + PIN (PIN option not available on MAC computers) |
| No | |||
Fingerprint | ![]() | Windows or Mac computer with Windows Hello for Business + Fingerprint reader |
| No | |||
Facial Recognition | ![]() | Windows computer with Windows Hello for Business + Built-in Camera (Facial recognition option not available on MAC computers) |
| No | |||
Security Key | ![]() | Windows or Mac computer with FIDO2 token (e.g., YubiKey) |
| Yes | |||
MFA | Google Authenticator | ![]() | Mobile device (smartphone or tablet) |
| Google Authenticator app | Yes | |
Okta Verify | ![]() | Mobile device (smartphone or tablet) |
| Okta Verify app | Yes |
InCommon is a non-profit organization offering services in federated identity management to its members – institutions of higher education, federal agencies, research organizations, and corporations with affiliations with higher education in the United States and abroad that provides services to member institutions and reaches more than 4.5 million end users. The NSF Identity and Access Management platform trusts the universities and organizations as identity providers when they are members of the InCommon Federation network. All trusted Identity providers with whom NSF integrates are listed on the Research.gov Sign In page using the dropdown. You can select your organization from the dropdown and use your organization-issued credentials to sign into Research.gov.
InCommon Federation users can continue to use their organization-issued credentials to sign into Research.gov on or after October 27, 2024, if the participating organization requires MFA for systems access.
NSF enabled Login.gov as a Research.gov sign-in option in 2022. Users can continue using Login.gov on or after October 27, 2024, to sign into Research.gov if a phishing-resistant MFA is used. The phishing-resistant options are face or touch unlock and security keys. See https://www.login.gov/help/get-started/authentication-methods/ for details.
If you wish to update your Research.gov MFA security method, follow the steps below:
NSF account holders can reset their passwords themselves in Research.gov. The Password Reset Guide provides guidance on resetting your password or recovering your account if a password has been forgotten. Passwords for users with financial or administrative roles expire every 60 days and must be reset.
Password Requirements