HHS ID Badge/PIV Card Rollout Scorecard

Here are the most recent NIH badging statistics provided by HHS as of August 17, 2012.  

Sponsored: 39,324    Enrolled: 38,304   Issued: 37,834*

*This figure represents 96.2% of individuals who have been sponsored.

New Code Letters Added to Digital Certificates Will Help Users ID the Appropriate Certificate  

As of July, 2012, all newly issued and renewed PIV Card/HHS ID Badge certificates now include a code letter at the end of the "Issued to" name to allow users to easily differentiate between types of certificates -- Authentication, Encryption and Signing.  

This new code letter suffix defines the use of each certificate, making it easier to identify and select the correct certificate.  

Note: certificates issued or renewed prior to July 2012 will not show the code letter.  

Below are examples of how the certificates with codes appear:

• John Doe -A - identifies the client authentication certificate
• John Doe -E - identifies the e-mail encryption certificate
• John Doe -S - identifies the digital signature certificate

Individuals requiring additional information should contact the NIH IT Service Desk at 301-496-4357 (local), 866-319-4357 (toll-free), or 301-496-8294 (TTY) or submit an online service request at: http://itservicedesk.nih.gov/support.

The HSPD-12 Program Office continues to offer free NED training for beginners and experienced NED users. Take this opportunity to quickly master NED in a hands-on computer lab environment. 

NED for Beginners     

NED for Advanced Users     

Contact Lanny Newman at [email protected] to reserve a space. In your e-mail, provide Lanny with your name and IC and which course you would like to attend.  

LWS Operators Now Able to Renew Digital Certificates Expired Beyond One Year

Administrators for the HHS Smart Card Management System (SCMS) have reset the digital certificate renewal parameters so that individuals can now renew their certificates at a Lifecycle Work Station (LWS) even if their 'certs' are expired for more than a year.

Prior to this reset, individuals whose digital certificates had been expired for more than a year needed to visit a badge issuance station to renew their certs.  LWS operators could not perform cert renewals for these individuals.

Now, ICs will no longer need to look for or send a separate message to people whose certificates have been expired for more than a year.

Note: Six weeks (forty-two days) before an individual's certificates will expire, the HHS SCMS automatically sends the person a certificate renewal notification.  The sender appears as [email protected].

Individuals cannot renew their certificates before the first message is sent, i.e., 42 days before their 'certs' are set to expire.

Diagnosing a 'Broken' Smart Card Reader

Sooner or later everyone's smart card reader will need to be cleaned. One sign of a dirty card reader could be a message on your computer stating that it cannot recognize your card type.

Cleaning your card reader is one of the steps listed below that users should follow in diagnosing a "broken" smart card reader:

1. Check if the reader can read *any* smart card.

2. If the reader is external, try a different USB port

3. Clean the reader with a smart card reader cleaner

4. Uninstall and re-install the smart card reader device driver

5. Replace the physical smart card reader

The Office of the Chief Information Officer recommends that each IC's IT support group keep a supply of card reader cleaners on hand at each work location.

If you need assistance, contact the NIH IT service desk at 301-496-HELP or or submit an online service request at:  http://itservicedesk.nih.gov/support.  

If an LWS is not available in your IC or your immediate area, and you work in the greater Bethesda or Rockville area -- please call 301-451-4766 or 301-402-9755 to schedule an appointment with the Division of Personnel Security and Access Control located in Building 31 on the NIH main campus. If you work outside the Bethesda/Rockville area, contact your local badge office. 

Smart card authentication with an HHS ID Badge/PIV Card and PIN is more secure than with a username and password -- because it is a form of 'two-factor authentication,' i.e., something you have, like your HHS ID Badge/PIV Card, and something you know, like a PIN.    

LWS Operator Training Guide posted online -- a revised training guide for Lifecycle Work Station (LWS) operators can be found on the ID Badge website at: http://www.ors.od.nih.gov/ser/dpsac/training/Pages/lifecycle.aspx.

The updated guide features illustrated, easy-to-follow instructions for logging into the LWS software, the PIN reset process and the certificate renewal process.  

Exemptions to mandatory HHS ID Badge/PIV Card & PIN login to ITAS -- to view the criteria that allow an individual to use a Username/ Password in place of an HHS ID Badge/PIV Card & PIN to access ITAS, click on: Exemptions .

Do not lend your HHS ID Badge/PIV Card to anyone -- lending out your HHS ID Badge/PIV Card is prohibited. The issuance of the HHS ID Badge/PIV Card is based on strict identity proofing and the determination of one's suitability for a specific position classification.  

FAQs

Q. I understand that even though I am using my PIV Card/HHS ID Badge and PIN to log in to my computer, I still need to maintain my password. How long will this password requirement last before it is discontinued?

A. According to the Office of the Chief Information Officer, as long as NIH continues to use username/password authentication with Active Directory (AD), the password change policy will apply. AD will not allow you to login to a computer (with or without a PIV card) if your password is expired. This policy is expected to remain in effect for at least 2 more years.

Q. I know that the digital certificates in my HHS ID Badge/PIV Card are up to date, but when I try to log in to the NIH network nothing happens. Any suggestions?

A. Yes. You should first try to log in using another computer and card reader. If you are able to log on successfully, it's likely that your card reader is broken or dirty. Your IC's IT department should be able to provide you with a new card reader.  

News Briefs

NIGMS, NHGRI Successfully Transition to PIV Card/HHS ID Badge Logon 

NIGMS and NHGRI report that they recently implemented the mandatory use of PIV Cards/HHS ID Badges to log in to all Windows-based computers. According to both ICs, the transition went very smoothly with only a handful of staff requiring assistance in locating the logon prompt for PIV Card/HHS ID Badge use.