Skip to main content

Updating Verified Information

 

Users can update their verified information by reverifying – going through the full identity verification process from scratch. 

Before Reverifying: Save Your Personal Key

Before starting, the user must have their personal key (provided after initial verification). The personal key is critical because resetting a password causes the account to lose its verified status, and the key is the only way to restore the previous verification if reverification with new information fails.

If the user does not have their personal key, they can generate a new one:

  • Visit https://secure.login.gov and sign in
  • Scroll to the “Personal key” section and click “Reset”
  • Click “Continue” when prompted on the "Get personal key" screen
  • Save the displayed personal key in a safe place
  • Check the “I saved my personal key in a safe place."  checkbox and click “Continue”

Steps to Reverify

  • Sign out of Login.gov (or visit https://secure.login.gov and sign out if already signed in)
  • Click “Forgot your password?”
  • Enter your email address and click “Continue”
  • Open the “Reset your password” email from Login.gov and click the “Reset your password” link or button
  • Enter a new password (it can be the same as the old one) and click “Change password”
  • Sign back in
  • Click “Reactivate your profile now” in the yellow box at the top of your account page
  • Click “I don’t have my key,” then “Continue”
  • Complete the identity verification process with updated information

If reverification with new information fails, the user can restore their previous verified profile by going to https://secure.login.gov/account, clicking “Reactivate your profile now,” and entering their personal key.

See the “Name Changes and Record Delays” section for reasons why reverification with new information might fail.

Reproofing and Credential Lifecycle

Users may also be required to reverify earlier in the following cases:

  • Assurance level upgrade: A user verified at the non-IAL2 level accesses an application requiring IAL2.
  • Account recovery: A user resets their password and loses their personal key.
  • Updating verified attributes: See "Updating Verified Information" section

Losing verified status does not affect authentication-only access. A user who loses their verified status can still sign in to auth-only applications. However, a user whose entire account is suspended due to fraud cannot sign in at all.

Rate Limits and Attempt Limits

  • At the document authentication and facial matching step, users have limits before being locked out.
  • After the lockout, users can try again. There is no overall limit on total attempts.
  • When retrying, users must start from the beginning of the process. Login.gov cannot save a user’s position mid-flow because verified information is encrypted with the user’s password, and prompting for the password after each step would result in a poor user experience.
  • Login.gov cannot manually verify users or waive the lockout period.