In the fall of 2021, we had asked users with multiple eRA Commons accounts to hold off on moving to two-factor authentication while using eRA Commons and/or ASSIST until we had a solution in hand. Our proposed solution, to consolidate those accounts and provide them the ability to maintain one eRA Commons account going forward, is expected to be available in early 2023.
With the solution, users will be able to consolidate their multiple accounts into a single eRA account that contains all their organization affiliations and roles. Most importantly, once users complete the consolidation process, they will be able to associate their Login.gov or InCommon Federated account (the ability of an organization to use its own credentials provided it supports NIH’s two-factor authentication standards) with one eRA account to support all their authentication needs.
As a reminder, those with one administrative account in eRA Commons need not wait for this solution and can go ahead now and set up and start using two-factor authentication.
Examples of users with multiple accounts are a person with two separate administrative accounts, a person with a signing official and principal investigator accounts (typically small business applicants) or a person with principal investigator and assistant accounts.
If you have two administrative accounts, you should hold off on moving to two-factor authentication for those accounts. However, if your multiple accounts fall within the other examples, you could move your principal investigator account to two-factor authentication now and hold off on using two-factor authentication for your other account.
- All principal investigators (PIs) and key personnel associated with an application or Research Performance Progress Report (RPPR) are required to transition to the use of two-factor authentication 45 days after the submission of their competing grant application (Type 1 or 2) or their RPPR.
- After 45 days of this triggering event, these users will not be able to access eRA modules until they set up and use a two-factor authentication service provider - Login.gov and/or an InCommon Federated account (that supports NIH’s two-factor authentication standards).
Note: PIs and key personnel do not have to wait for the 45-day trigger after submitting an application or RPPR to start using two-factor authentication.
- The transition for reviewers to use two-factor authentication when using the Internet Assisted Review (IAR) module is ongoing and unchanged. Reviewers will continue to be required to use two-factor authentication as soon as they are enabled for a review meeting. Most reviewers have transitioned already.
- Use Login.gov With eRA Modules
- Access eRA Modules via an InCommon Federated Account
- 2FA flyer (detailed steps and screenshots for the initial set up using Login.gov)
- Video tutorials
(Original message sent Monday, March 7, 2022 at 3:43 p.m.)