How the “new, safer and simpler log-in” works at the USPTO?

click to enlarge

I’ve received many questions from people who have tried to use the “new, safer and simpler log-in” for PAIR and EFS-Web.  (See the big blue footer that now appears whenever you try to use PAIR.)  Here’s what one very experienced USPTO customer asked me:

Last week I set up two-factor authentication with MyUSPTO, following the USPTO’s instructions.  Recently the big blue banner started appearing and I figured I had better start using the newer, safer and simpler log-in.  So today I needed to e-file form SB39 in one of my cases.  This is my time to try out the newer, safer and simpler log-in, right?  I logged in at the USPTO web site using my MyUSPTO user ID and password.  So far, so good.  Over on the right side, it says “File patents with EFS Web”.  So now that I have logged in, I click there and I reach the “unregistered e-filers” page.  There are some links but none of them will get me to the “registered” EFS-Web.  Finally I give up on MyUSPTO and I click on the old-fashioned link on the upper left and I click on “eFile (registered)” and that got me to the familiar old Entrust Java Applet page.  I e-filed my form SB39.

When that was done I went back to the MyUSPTO home page again hoping to figure out how I might have gotten to the “registered” EFS-Web page.  What did I miss?

I’ll explain.

I am hoping I will get an opportunity to talk with some of the USPTO people who are handling the newer, safer and simpler log-in for more details.  That hasn’t happened yet.  Until that happens, here’s what we in the EFS-Web listserv community have figured out.

As of right this minute, despite the big blue banner from the USPTO (quoted above), despite the big pop-up message that happens when you log in at EFS-Web, despite the scary emails from USPTO …

… as of right this minute, if you are going to log in at Private PAIR or EFS-Web, the only way to log in is to do it the same way you have always done it — with your EPF file.  By this I mean, with that dreaded Java applet.

Unfortunately USPTO hasn’t been as clear about all of this as they might have been.

There are two transitions coming up, as I will describe.  Importantly, neither transition has happened yet.

The first transition has to do with how you log in at EFS-Web or Private PAIR if you are a registered practitioner.  The second transition has to do with how you log in at EFS-Web or Private PAIR if you are not a registered practitioner.  These two transitions will be pretty far apart in time, maybe a month separated from each other.  I will talk about the two transitions one by one.

First let’s talk about the first transition, namely how you log in at EFS-Web or Private PAIR if you are a registered practitioner.  As of right now, you do this with your EPF file and the dreaded Java Applet.  But as USPTO keeps telling us, Real Soon Now there will be this “newer, safer and simpler log-in”.  The newer, safer and simpler log-in will be by means of your MyUSPTO user ID and password and two-factor authentication.  For any particular registered practitioner (for example maybe you, dear reader), this will happen only after two things happen:

  • the USPTO releases the “migration tool” and
  • you (the particular registered practitioner) actually make use of the migration tool.

As of today (September 27) the USPTO has not yet released the “migration tool”.  This means that you (the dear reader) by definition will not yet have been able to make use of it.  That means that as of today your only way to log in at EFS-Web and PAIR is the same way you have always logged in (the EPF file).

The action step for you, the dear reader, is of course to obtain a MyUSPTO user ID and password (if you have not already done so)  and to set up two-factor authentication (if you have not already done so).  Back in June I blogged about how to set up the user ID and password.  And a couple of days ago I blogged about smart ways to set up two-factor authentication with MyUSPTO.  So you should do these things to get ready, if you have not already done so.

And then once you have gotten your MyUSPTO user ID and password, and once you have gotten your two-factor authentication set up, then you can join all the rest of us and we can all sit and wait and wait for USPTO to release the “migration tool”.

By the way I certainly hope that USPTO is alpha-testing the migration tool.  And I certainly hope that USPTO will beta-test the migration tool.  Usually I hear about it when USPTO starts testing new systems, and it makes me a little nervous that I have not heard of any actual user testing of the migration tool.  In fact usually I get invited to be a beta-tester or even an alpha-tester of each new USPTO system, and as of today I have not been invited to beta-test or alpha-test the migration tool.

click to enlarge

But anyway USPTO has said (see this page, quoted at right) that it will release the “migration tool” at some unspecified time in October 2018.  When the USPTO releases the migration tool, of course I will post the news here.  (If you have not already done so, you should subscribe to this blog!)

The idea of course is that you will use the migration tool to link your EPF file (which they call your “PKI certificate”) with your MyUSPTO account.  Once you have carried out that linkage, then you (you personally) will be able to log in at EFS-Web and PAIR using your MyUSPTO user ID and password and two-factor authentication.

You can’t do this now.  Which is the answer to the question (quoted above) that started this post.  But you will be able to do this starting on whatever day USPTO releases the “migration tool”.

Yes this migration tool that hopefully will have been alpha tested and beta tested.

This then brings us to the second transition, namely how you log in at EFS-Web or Private PAIR if you are not a registered practitioner.

One of the important things to keep in mind is how different USPTO intends that it will be with MyUSPTO user IDs and passwords compared with how it has been with EPF files.

With EPF files, the situation is that everyone shares everything.  The non-practitioners in a firm or patent department (for example, paralegals and secretaries and legal assistants) all share the EPF files and passwords of the practitioners.  It has been that way for many years.

In contrast, USPTO intends that with this “newer, safer and simpler log-in”, each person will use his or her own MyUSPTO user ID and password.  Saying this in a different way, USPTO intends that no one will share his or her MyUSPTO password with anyone else.

This means that when the first transition happens, namely the transition that a registered practitioner makes use of the “migration tool”, this will not change anything for non-practitioners who work for that practitioner.  They will keep using the practitioner’s EPF file to log in.

So there will be an interim period of at least several weeks during which some people in your office (the registered practitioners) will be using MyUSPTO user IDs and passwords and two-factor authentication to log in at EFS-Web and PAIR, while other people in your office (the people who are not registered practitioners) will continue the old way, using the shared EPF files and passwords to log in just as in the past.

click to enlarge

Eventually the exciting day will arrive when USPTO releases the “sponsorship tool”.  USPTO has said (see this page, quoted at right) that it will release the “sponsorship tool” at some unspecified time in November 2018.  When the USPTO releases the sponsorship tool, of course I will post the news here.  (If you have not already done so, you should subscribe to this blog!)

So again to be clear, when this time comes (apparently in November 2018), your office will for some weeks have been in a situation where the non-practitioners have been continuing to use the shared EPF files and passwords to log in at EFS-Web and PAIR, while the practitioners will have been using MyUSPTO user IDs and (non-shared) passwords and two-factor authentication to log in.  And then the exciting day will arrive that USPTO releases the “sponsorship tool”.

I am delighted to be able to report that I have had an opportunity to alpha-test the sponsorship tool and that it does actually work.  It’s pretty simple actually and it works in a common-sense way.  The assumption here is that you are a registered practitioner and you already have your MyUSPTO account linked to your EPF file.  Then if you are an alpha tester you can reach a special page and you click on “sponsorship”.  Of course you have already logged in with your MyUSPTO user ID.  You are then asked to do the two-factor authentication.  At that point you can do the sponsorship.  A screen opens up where you can then enter one or more email addresses of people whom you wish to sponsor.  (Typically these are non-practitioners who work with you in your office.)  Hopefully some or all of the email addresses that you entered will be email addresses of people who have in fact already set up the MyUSPTO user ID and password and two-factor authentication.  And then these people will receive the status of having been “sponsored”.

Keep in mind that these people need to have already obtained a MyUSPTO user ID and password.  And keep in mind that these people need to have already set up two-factor authentication.  Which gets us back to the part about how everybody should have done this back in June as I described in this blog article. And this gets us back to my suggestions about how to be smart about setting up the two-factor authentication (blog article).

Anyway yes, once the USPTO releases the sponsorship tool, each practitioner will want to use the tool to sponsor each of the non-practitioners in his or her office.

click to enlarge

Then the question that comes up is “how long can a user foot-drag on this?” and USPTO says (quoted at right) the answer is “only until December 2018”.  December 2018 is when USPTO says it will “retire PKI”.  This means, I guess, that it will no longer be possible to log in at EFS-Web or PAIR using the EPF file.  Saying this differently, by December 2018 it will be necessary that everybody will have gotten through all of these transition steps.

Please post questions or comments below.

7 Replies to “How the “new, safer and simpler log-in” works at the USPTO?”

  1. You are not able to migrate until after October 1st. Did you attend the webinar the USPTO put out explaining this process? What is backwards, I think, is that the USPTO, has attorneys migrating after October 1st and then they can sponsor their staff effective November 1st.

    1. Thank you no I was not able to attend the USPTO’s September 20 webinar (I had a good excuse because I was teaching a class for WIPO in Austin, Texas that day) and I was not able to attend USPTO’s September 26 webinar (I have a good excuse because I was on an airplane flying to Washington to teach a class for WIPO). I was hoping USPTO might share with me their slides for last week’s webinar.

  2. Has the USPTO provided any information with regard to the mechanism by which automated systems (e.g., docketing systems) will be able to access Private PAIR? Will there be an alternative to two-factor authentication for such systems?

    1. Yes in geek-speak the question is “has USPTO published an API for Private PAIR?” And the answer is no, USPTO has not. About one million years ago we had Partridge which was able to go into Private PAIR and scrape the PAIR pages, but then USPTO changed things and it was not possible to do screen scraping like that any more. And anyway HTML is not the best for this. There is an XML download button on many PAIR pages but that requires human interaction. Yes it would be very helpful if USPTO were to provide a published API for Private PAIR.

  3. If your MyUSPTO account doesn’t have the “always use 2 factor authentication” box checked, you can’t link the accounts even though you’ve received the 6 digit access code. Sign into MyUSPTO, click on your name in the upper right corner, click on account, check the box, save, and log out. Then log back in and you can receive and use a new access code, and link the accounts.

  4. I attended an information session WebEx this morning and they explained a lot about the migration and steps to take.

    I have a Mac computer and they neglected to tell us that there are problems with Macs. Anyone else having troubles (or success??? Please!) with a Mac?

  5. Do you know if the new system will affect anyone who works outside of the US? Will they still be able to log in and access records in PAIR and also submit filings via EFS?

Leave a Reply

Your email address will not be published. Required fields are marked *