18F tackles inconsistent, insecure .gov logins
The General Services Administration’s 18F digital services team wants to make it easier for citizens to log on to federal websites — its first initiative as part of GSA’s Technology Transformation Service.
The team is working with a governmentwide team of tech experts — from agencies such as the Office of Management and Budget, the National Institute of Standards and Technology, and GSA’s own Federal Acquisition Service — to build a secure shared authentication platform for citizens to login on agency websites.
The federal government provides an “inconsistent, difficult experience” for citizens “logging in and proving their identity when interacting with the government online,” 18F member Joel Minton wrote in a blog post. He called 18F’s platform-in-progress “a seamless, secure, and user-friendly ‘lock’ to the government’s digital services” and a “critical next step in the government’s movement to go digital.”
Much like GSA’s past plans for Connect.gov — a governmentwide identity management and authentication platform that this project builds on — 18F’s platform is meant to be a seamless and single sign-on for government websites. Whether signing in to a Social Security platform or accessing personal veterans benefits online, 18F’s intent is that citizens would use the same login on the same “front door” to get there.
The blog post says “the groundwork laid by the connect.gov pilot” will ensure that the new login system “can be adopted successfully by a number of agencies across government.”
18F says this new platform will incorporate “modern, user-friendly, strong authentication and effective identity proofing technology,” and that it will align with President Barack Obama’s call for a move away from password-only logins in favor or multifactor authentication in the recent Cybersecurity National Action Plan.
NIST recently introduced new draft guidance for federal online identity authentication through its National Strategy for Trusted Identities in Cyberspace program.
The GSA digital services team shared a few of its more specific goals in the build-out of this platform as well:
- Creating a simple, elegant way for the public to verify their identity, log in to federal government websites, and, if necessary, recover their account;
- Building experiences, processes, and infrastructure that will use the latest available technology to safeguard all user data;
- Delivering software that will allow government developers to integrate it within hours rather than weeks;
- Leveraging private sector innovation and capabilities wherever possible; and
- Preserving privacy by mitigating privacy risks and adhering to all federal privacy guidelines.
Just last week, GSA announced the launch of its Technology Transformation Service, which consists of 18F, the agency’s Presidential Innovation Fellow program, and its Office of Citizen Services and Innovative Technologies. GSA Administrator Denise Turner Roth gave FedScoop an exclusive look into her vision for the new tech service, and how it will make 18F a “permanent part of the family” and declare GSA as the government’s model agency to take on this type of project.
[Read more: Exclusive: GSA’s Turner Roth shares her vision for the agency’s new tech service — and 18F’s legacy.]
The Technology Transformation Service “will be that consulting space, it will be the testbed, it will be the further exploration of digital services,” Turner Roth told FedScoop.
18F plans to keep the public engaged as it iteratively develops the for-now unnamed authentication platform and hopes for “feedback to ensure we capture and incorporate the best ideas to deliver the best solution,” the blog post says.
Contact the reporter on this story via email at Billy.Mitchell@FedScoop.com or follow him on Twitter @BillyMitchell89. Subscribe to the Daily Scoop to get all the federal IT news you need in your inbox every morning at fdscp.com/sign-me-on.