Our security practices
Login.gov uses a variety of authentication methods to protect this U.S. government service and your data, and to ensure the service remains available to all users. These methods include monitoring and recording network traffic (any data going in and out of Login.gov) to identify unauthorized attempts to change information, or otherwise cause damage.
Unauthorized access or use of Login.gov (e.g. use for criminal purposes, or to cause damage, etc.) is against the law, and may subject you to criminal prosecution and penalties.
Vulnerability disclosure policy
Login.gov authorizes the outside security community to perform security research for the intent of reporting discovered security vulnerabilities in the Login.gov platform.
View our Vulnerability Disclosure Policy for details on this policy and how to report discovered vulnerabilities.