Resource Digital Identity Authentication + Accounts

Digital Identity Guidelines: Authentication and Lifecycle Management, Special Publication 800-63B, Revision 3

These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. These guidelines focus on the authentication of subjects interacting with government systems over open networks, establishing that a given claimant is a subscriber who has been previously…

NIST SP 800-63B sets technical requirements for federal agencies on digital identity authentication and lifecycle management.

It defines three Authenticator Assurance Levels (AALs), specifies allowed authenticator types, and details requirements for authentication protocols, privacy, usability, and risk-based assurance using strong cryptographic methods.