Security and Authentication

Security and Authentication

Submitted by (@morell)

Enable checkboxes for sponsorship renewal

Currently when removing sponsorship you need to click an "x" next to each name and also click an additional box to confirm removal. In situations where we're removing multiple people it is burdensome to click two times per each name. Please add a "select all" function and/or enable multiple people to be selected at one time.

Voting

8 votes
8 up votes
0 down votes
Active

Security and Authentication

Submitted by (@dphipps)

Automate Customer Number Access for Registered USPTO.gov Account

When new customer numbers are requested and associated with practitioners, the Office should be able to update registered USPTO.gov accounts to include CNs the practitioner is associated with. I seem to recall this was a plan some years ago, however, it is not something that has been happening with any regularity. It is unreasonable to ask practitioners to send in a form to request their accounts be updated to include ...more »

Voting

3 votes
3 up votes
0 down votes
Active

Security and Authentication

Submitted by

Allow Users to Set a Timeout Period

Often, sometimes seemingly random, EFS or PAIR automatically logs the user out. It would be helpful to allow a user to set an inactivity period for automatic logout. When filing multiple papers in a single day, the time between submissions is often greater than the automatic time out period. This requires multiple logins and two-factor authentications (as selecting the checkbox for a trusted computer does nothing). ...more »

Voting

13 votes
13 up votes
0 down votes
Active

Security and Authentication

Submitted by (@reneeo)

Notification of pending sponsorship request

I sent 3 sponsorship requests to my practitioner today. She received no notification that she had pending requests to review. It wasn't until we went to the sponsorship tool logged in as her that she saw that she had 3 pending requests. I believe the practitioners have no reason to access the sponsorship tool on a regular basis so they'd have no way of knowing they have pending requests. I suggest that a notification ...more »

Voting

15 votes
15 up votes
0 down votes
Active

Security and Authentication

Submitted by (@dphipps)

Allow Password Change for USPTO.gov Accounts

Restricting the ability of users to change the email address associated with their USPTO.gov account is not optimal. People move from company to company, firm to firm, and will need to use their business email address as their account address. It is not practical to require users to contact the Office to make a change that should be allowed electronically. The Office already requires users to change their password ...more »

Voting

13 votes
13 up votes
0 down votes
Active

Security and Authentication

Submitted by (@dphipps)

Create Designated Administrators by Domain Address

Now more than before we need the ability to identify at least three (3) administrators that can conduct additions and removal by domain address. Since USPTO.gov accounts are used to access secure USPTO systems, this seems a valid possibility when a specific domain is used for account names. For example, our practitioners and employees all have accounts under their firm email address so the domain is the same for everyone. ...more »

Voting

14 votes
14 up votes
0 down votes
Active

Security and Authentication

Submitted by (@rdowns)

Recommend removing reCAPTCHA for login scheme

Recommend removing reCAPTCHA and retain two factor authentication for new login scheme or EFS and PAIR. The new PTO login scheme requires dual factor authentication and a reCAPTCHA. The dual factor authentication provides unauthorized login protection, while the reCAPTCHA is intended to prevent automation. The current PTO login scheme that is being depreciated supports automation and the PTO has stated they plan to ...more »

Voting

18 votes
18 up votes
0 down votes
Active

Security and Authentication

Submitted by (@david.boundy)

Turn off password expiration for MyUSPTO.gov

Get rid of the expiration on passwords on MyUSPTO -- a good password that isn't reused across multiple platforms can be permanent. Is this solving a genuine and identifiable problem? No. Is there any conceivable way that a bad guy could get into uspto.gov and, for example, expropriate money from one of the credit cards? NO!!! The only payee is the uspto! Nobody's going to hack into a MyUSPTO account to when he/she ...more »

Voting

21 votes
21 up votes
0 down votes
Active

Security and Authentication

Submitted by (@amy.stevens)

Establish Patent Center inactivity timeout to 30 minutes

Due to updated NIST guidelines, the USPTO plans to set the user inactivity timeout to 30 minutes in Patent Center. After 25 minutes of user inactivity, Patent Center will prompt you to continue with the authenticated session. If you do not confirm that that you want to continue, your session will terminate in order to protect your patent application data. In most cases, to sign back in after a timeout, you would only ...more »

Voting

-17 votes
1 up votes
18 down votes
Active

Security and Authentication

Submitted by (@communitymember)

Portal to send password to open an encrypted file before meeting

Perhaps a secure portal could be added through which an applicant or applicant's representative can send an examiner a password to open an encrypted file containing claim drafts or other material before an interview meeting. The portal would not burden an examiner with any messages or e-mail, but would contain only a password and would indicate the type of file that would later arrive by e-mail or file-sharing platform. ...more »

Voting

-6 votes
0 up votes
6 down votes
Active