Mandate single sign on technology implementation

Presidential Executive Memorandum

Subject: Mandate Government-Wide Implementation of Single Sign-On via Login.gov

Date: [Insert Date]

To: Heads of Executive Departments and Agencies

Purpose

This memorandum mandates the implementation of a government-wide single sign-on (SSO) system using Login.gov for all citizen-facing services. This initiative aims to streamline access to government services, enhance security, and improve user experience across federal, state, and local government platforms. All systems will report monthly on status and have single sign-on supported within 12 months of this memorandum.

Background

Login.gov is a secure, user-friendly service that allows citizens to access multiple government agencies with a single account and password. Developed by the U.S. Digital Service, Login.gov launched in April 2017 and has since expanded to nearly 50 agencies and states, supporting over 10 million monthly active users. This system simplifies the process of accessing government services and reduces the burden of managing multiple usernames and passwords.

Mandate

  1. Implementation of Login.gov:

    • All federal agencies are required to integrate Login.gov into their citizen-facing services by [Insert Deadline].
    • Agencies must ensure all systems related to citizen support, including Social Security Administration, Veterans Affairs, and other relevant data systems, utilize Login.gov for user authentication.
  2. User Authentication:

    • Agencies must support biometric authentication options (face or touch unlock), PINs, patterns, and QR code scanning through Login.gov to enhance security and accessibility for users.
  3. Data Transparency:

    • A dataset will be created and maintained on Data.gov to provide transparency in the utilization of Login.gov. This dataset will include:
      • Monthly active users across all participating agencies
      • Traffic statistics for Login.gov
      • Utilization data for each agency’s services accessed via Login.gov
      • Login failure rates and cause (system or user)
  4. Collaboration with State and Local Governments:

    • Federal agencies are encouraged to collaborate with state and local governments to promote the adoption of Login.gov at those levels, facilitating access to services without requiring federal funding.
  5. User Education and Support:

    • Agencies must develop and disseminate educational materials to inform citizens about how to use Login.gov and the benefits of a single sign-on system.

Benefits

  • Improved User Experience: Simplifies access to government services, reducing frustration associated with multiple logins.
  • Enhanced Security: Increases security through standardized authentication practices and protects user data.
  • Operational Efficiency: Reduces administrative burden on agencies related to password management and user account issues.

Conclusion

The implementation of Login.gov as a unified single sign-on solution across all government services is essential for improving access, security, and user satisfaction. This initiative will position the U.S. government as a leader in digital service delivery and ensure citizens have a seamless experience when interacting with government agencies.

[President’s Name]
President of the United States
[Signature]
[Date]


This memorandum serves to direct immediate action toward the adoption of Login.gov across all relevant government services, ensuring a unified and secure approach to citizen engagement.

Future use might include expansion into areas not currently automated such as this site, citizen surveys, census, voting, or other government operations.

While this sounds good in theory, it gives the government too much control. If you don't agree with the government, they shut off your access to services, to banking, etc.


The system already is being used over ten million times a month by citizens. This would reduce the number of places bad actors as you describe would be able to interfere with your access and make investigations or legal protection easier and cheaper to implement!

Section 2 should be expanded to include that Login.gov and all linked websites shall support FIDO authentication credentials (aka “Passkeys”) to further increase security of citizens accessing the related websites.

Even Policies for the People supports Passkeys for login purposes.

Login.gov supports enhanced login security methods and passkeys for secure and passwordless authentication:

  1. Log in to your Login.gov account
  2. Go to your account settings or security options
  3. Find the option to enable passkeys
  4. Choose a verification method, such as text message, email, or an authentication app
  5. Follow the on-screen instructions to complete the setup
  6. Log out and log back in to test your passkeys

You can also use other authentication methods with Login.gov, including:

  • Security keys: Physical devices that you can connect to your device to add an extra layer of protection. You can buy a security key online or from a trusted retailer.
  • Authentication apps: You can use an app like Google Authenticator or Authy to generate one-time passcodes.
  • Passphrases: You can create a passphrase as an authenticator.
  • Backup codes: You can use backup codes as an authenticator.
  • One-time passcodes: You can receive one-time passcodes by phone or text message.
  • PIV and CAC cards: These cards are available for federal and armed forces personnel only.
  • WebAuthn security devices: These devices include FIDO tokens, Yub

At least today, banking isn’t a government function. If you are concerned about deep state actors or out-of-control government, then you’ll create a policy to address that issue! The intent of my policy was to reduce the complexity and number of ever increasingly difficult passwords for citizens on multiple government sites.