HHS ID Badge Rollout Scorecard

Here are the most recent NIH badging statistics provided by HHS as of June 8, 2012.  

Sponsored: 40,119    Enrolled: 38,970   Issued: 38,484*

*This figure represents 95.9% of individuals who have been sponsored.

Just Five More Days Before Mandatory HHS ID Badge & PIN Login to ITAS  

Starting June 18, 2012, NIH will transition to mandatory smart card login with an HHS ID Badge and PIN (two-factor authentication) for everyone accessing the Integrated Time and Attendance System (ITAS) from a Windows machine.  

Logging into ITAS with a username and password will no longer be available to Windows users following this deadline.

This change in login policy is part of the Federal government's continued implementation of HSPD-12 to safeguard the Federal community, information, systems and facilities through identity certification and access management.

With the changeover going live in only five days, anyone needing to renew their certificates and/or reset their PIN must act quickly to ensure that they will be able to log into ITAS after June 18.

Certificates can be renewed and PINs can be reset at a Lifecycle Work Station (LWS) near you.     

Test Smart Card Login with Your HHS ID Badge  

Know the Rules for Renewing Digital Certificates

HHS sends out its first certificate expiration notice 42 days before the badge holder's digital certificates expire. Follow-up messages from the Department to the badge holder go out every seven days until the certificates are either renewed or they expire.  

The last message goes out one week before the certificates expire. Please be aware that all of the messages are exactly the same.

Note: Certificates cannot be renewed by an LWS operator or a Badge Issuance specialist UNLESS the badge holder's certificates will be expiring within the 42-day window.

Where to Learn More About Your HHS ID Badge Smart Card   

The Office of the Chief Information Officer and the Division of Personnel Security and Access Control maintain websites [http://smartcard.nih.gov and http://idbadge.nih.gov respectively] that provide in-depth information about HSPD-12 and its implementation to safeguard NIH information and facilities through the use of HHS ID Badge smart cards.

If you have any questions, please feel free to contact the HSPD-12 Program Office at [email protected].      

Exemptions to Mandatory HHS ID Badge & PIN Login to ITAS

Some users will be granted an exemption to the ITAS smart card login requirement. Exemptions fall into five categories:

1. Users who will not be issued an HHS ID Badge (PIV card) such as OCONUS and summer students.
2. Users who are unable to use an HHS ID Badge (PIV card) such as individuals who may be physically unable to operate a card reader and PIN pad.
3. Users who are temporarily unable to use an HHS ID Badge (PIV card) such as individuals who are waiting for their HHS ID Badge to be issued, or have a lost, broken or stolen HHS ID Badge.
4. Users who do not have access to a government-furnished computer running Windows, such as Macintosh computer users.
5. Users who are unable to resolve issues with their HHS ID Badge (PIV card) in the timeframe available for the temporary access such as individuals who have issues while on extended travel.

To request an exemption based on one of the criteria above, individuals should contact the NIH IT Service Desk at 301-496-4357 or submit a ticket online at: http://itservicedesk.nih.gov/support.     

No Signed e-QIP Signature Pages Means No HHS ID Badge!

Effective immediately any new NIH employee, contractor or affiliate who needs a background investigation (i.e., who does not have a background investigation on file) will need to complete e-QIP and submit their e-QIP signature pages to DPSAC prior to the HHS ID badge being released for issuance.

Please contact the DPSAC Helpdesk at 301-402-9755 if you have questions about the status of an applicant's badge.

The HSPD-12 Program Office continues to offer free NED training for beginners and experienced NED users. Take this opportunity to quickly master NED in a hands-on computer lab environment. 

NED for Beginners     

NED for Advanced Users     

Contact Lanny Newman at [email protected] to reserve a space. In your e-mail, provide Lanny with your name and IC and which course you would like to attend.  

Do not lend your HHS ID Badge (smart card) to anyone -- lending out your HHS ID Badge (smart card) is prohibited. The issuance of the new HHS ID Badge is based on strict identity proofing and the determination of one's suitability for a specific position classification.

Two-factor authentication defined -- two independent items of authentication are used to prove that the individual logging into the NIH network is an authorized user of the system.

The two items used are: (1) something the user has [e.g., the smart card (HHS ID Badge); and (2) something the user knows [e.g., the PIN associated with the smart card (HHS ID Badge)].

FAQs

More FAQs are can be found in the 'Smart Card Login FAQs' guide posted at:http://www.ors.od.nih.gov/ser/dpsac/Pages/Continued-Implementation-of-HSPD-12.aspx

• Overall Smart Card Login 
• Your Personal Identification Number (PIN) 
• Digital Certificates 
• Smart Card Readers   
• Using Your HHS ID Badge to Log in and Keeping It With You 
• Technical and Computer Issues 
• Lifecycle Work Stations (LWSs) 
• Logging into ITAS with Smart Card (HHS ID Badge) and PIN 

Overall Smart Card Login

Q: How do I log in to my computer with my HHS ID Badge (PIV card)?

A: To log in with your HHS ID Badge (PIV card), insert your HHS ID Badge into your smart card reader at the login screen to your desktop, and enter your six - eight digit Personal Identification Number (PIN) when prompted to do so.  

For step-by-step instructions on how to log in with a smart card, reference the "How to Log in" guides at: http://www.ors.od.nih.gov/ser/dpsac/Pages/Continued-Implementation-of-HSPD-12.aspx. 

Q: What will I need to log in with an HHS ID Badge (PIV card)?

A: To log in, you must have:

• Your HHS ID Badge
• A smart card reader connected to your computer
• Your PIN for your HHS ID Badge
• Active (not expired) digital certificates

You might also need: 

• Software that allows your computer to read and use the digital certificates on your HHS ID Badge

For more information about each of these items, reference the "Quick Reference Guide" at: http://www.ors.od.nih.gov/ser/dpsac/Pages/Continued-Implementation-of-HSPD-12.aspx.

Q: What happens to my username and password?

A: At this time, you must maintain your username and password. Do not let your password expire!  

While NIH is transitioning to smart card login, your username and password are still needed to access many NIH systems. Also, at this time, if you let your password expire you will not be able to log in with your HHS ID Badge and PIN.

Your Personal Identification Number (PIN)

Q: What is my PIN?

A: Your PIN is the personal identification number that is set by you and known only to you that serves as a key to your smart card. When you were issued your HHS ID Badge, you were asked to create a six, seven or eight number PIN (numbers only). This is the PIN you use along with your HHS ID Badge to log in.

Q: What do I do if I've forgotten my PIN?

A: Your PIN can be reset with assistance from a Lifecycle Workstation (LWS) Operator. You can conveniently reset your PIN "on site" rather than making a trip to a badge issuance station. Find an LWS near you by visiting: http://www.ors.od.nih.gov/ser/dpsac/badge/Pages/lifecycle.aspx.

Digital Certificates

Q: What are active digital certificates?

A: The gold chip on your HHS ID Badge stores your digital certificates, including the Authentication Key that allows you to log in. To work, the Authentication Key must be active (as in, not expired).

Q: What do digital certificates allow me to do?

A: Digital certificates allow systems to validate who you are and authenticate you as a user. They will also allow you to send and receive encrypted e-mails and digitally sign e-mails.

Q: When do my digital certificates expire?

A: Digital certificates expire every 1 - 2.5 years depending on your affiliation with NIH. They may expire earlier than the expiration date printed on your HHS ID Badge.

Q: Is there a way to check the expiration date of my digital certificates?

A: You can check the status of your digital certificates by visiting http://testmysmartcard.nih.gov. When you are asked to select a digital certificate, the properties of the certificate will display the expiration date.  

If you need help, please contact the NIH IT Service Desk at 301-496-4357. They can guide you through the steps to check the status of your digital certificates.

Q: I have multiple digital certificates. Do they have different expiration dates?

A: No. All your digital certificates have the same expiration date. When you renew your certificates, all of them will be renewed.

Q: When I log in to ITAS or other applications through NIH Login (iTrust), I am prompted to "Select a digital certificate" before entering my PIN. Which certificate should I select?

A: Steps on how to select the correct digital certificate for smart card authentication are located on pages 3 and 4 (steps 4-6) of the following document: https://itrusteauth.nih.gov/CertAuth/UsingSmartCardsWithNIHLogin.pdf.

Smart Card Readers

Q: Will smart card readers be distributed to everyone for their desktops?

A: Most computers already have a card reader. Your smart card reader may be a separate device plugged into a USB port, or it may be built into your keyboard or laptop. If your computer or laptop does not have a smart card reader, contact the NIH IT Service Desk at 301-496-4357.

Using Your HHS ID Badge to Log in and Keeping It With You

Q: Do you have to leave your smart card in the reader whole time that you are using your computer?

A: No. Once you are completely logged in, your computer will NOT log you off if you take your HHS ID Badge out of the smart card reader. Always remember to take your card out of the card reader once you are completely logged in and replace it in your badge holder so that you have it with you.

Q: What do I do when I need to leave my desk for a short period of time?

A: Remove your HHS ID Badge from your smart card reader after you have finished logging in and replace it in your badge holder. If you need to leave your desk, lock your computer and take your HHS ID Badge with you. You should have it with you at all times.

Q: Do I have to log in and out with my HHS ID Badge every time I leave and come back to my desk?

A: The computer will remain logged in, but you should never leave a logged in computer unattended. Please remember to lock your computer when you get up to leave.  

Q: Can I get a new badge holder so that I can leave my smart card attached to me while I am logged in?

A: No. In order to log in you must completely remove your HHS ID Badge from its holder and insert it into the card reader.

Q: Is using my HHS ID Badge to log in really a requirement?

A: Yes. This is part of the HSPD-12 initiative, a government-wide program and mandate to safeguard the Federal community, information, systems, and facilities through identity certification and access management.

Q: Will I have to go to training?

A: You do not need to attend any training. You can find more information and guides to help you log in with your HHS ID Badge at:  http://www.ors.od.nih.gov/ser/dpsac/Pages/Continued-Implementation-of-HSPD-12.aspx.         

Technical and Computer Issues

Q: Does my computer need to be reconfigured by IT?

A: Your computer does not need to be reconfigured, but you may need to install the smart card reader or the software (e.g., ActivIdentity� ActivClient™) that allows your computer to read and use the digital certificates on your HHS ID Badge. You do not need to be without your computer. Please contact the NIH IT Service Desk at 301-496-4357 for help with these installations.

Q: If I get locked out of my computer and cannot log in, where do I go for help?

A: Please contact the NIH IT Service Desk at 301-496-4357.

Q: What if my HHS ID badge is lost or stolen?

A: Please contact your AO who must submit a new badge request, via the NIH Enterprise Directory (NED), to the Division of Personnel Security and Access Control (DPSAC), which oversees badge issuance.

Q: What happens if I leave my HHS ID Badge at home or I accidentally leave my badge in my card reader overnight?

A: If you leave your HHS ID Badge at home or forget to take your HHS ID Badge with you when you leave for the day, you will need to go through the NIH Gateway Visitors' Center to enter the NIH campus. You will need to call the NIH IT Service Desk at 301-496-4357 to be granted access to the NIH network.

Q: While I wait for a new HHS ID Badge, how will I log in to my computer?

A: Please call the NIH IT Service Desk at 301-496-4357 to be granted access to the NIH Network.

Q: What if my HHS ID Badge breaks or stops working?

A: You will need to take your broken HHS ID Badge to a Badge Issuance Station.  

• On-campus DPSAC support: http://www.ors.od.nih.gov/ser/dpsac/about/Pages/hours.aspx;   

• Remote location support: http://www.ors.od.nih.gov/ser/dpsac/resources/Pages/satellite.aspx 

Lifecycle Work Stations (LWS) 

Q: What is an LWS?

A: An LWS is a Lifecycle Work Station where individuals can renew their digital certificates and reset their PIN. Each IC has purchased one or more of these units to assist employees on site. LWS' are operated by trained LWS Operators within the ICs. Please note that LWS' DO NOT issue new badges.

Q: Where can I find an LWS near me?

A: You can find a list of LWS Operators at: http://www.ors.od.nih.gov/ser/dpsac/badge/Pages/lifecycle.aspx.

Smart Card (HHS ID Badge)/PIN Login to ITAS   

Q. Will Mac users be required to use smart card login for ITAS?

A. While NIH is not requiring smart card login from Macs on the June 18 date, some ICs are choosing to include their Macs in the June deploy- ment. We expect that all Mac users will have to meet this HHS requirement in the near future. 

Q. Are only Federal employees affected?

A. No. All ITAS users who have an HHS ID Badge (e.g., contractors who hold Timekeeper roles in ITAS) will need their HHS ID Badge and PIN to log in.

News Briefs

The NCI-Frederick campus renamed Frederick National Laboratory for Cancer Research -- the title "national laboratory" is a special designation with less than 50 national laboratories in the United States. The facility, which will also be referred to as Frederick National Lab, is devoted solely to biomedical research.