Today’s webinar was entitled Intro to ePCT, why ePCT is important, getting a user ID and password, setting up 2FA.
I conducted a few polls about 2FA during the webinar, and here are some results.
I asked “which of the 2FA methods do you have set up for your WIPO account?”
As you can see, most folks have an SMS one-time code set up. The other methods have fewer users. You can see my blog article about “push notification”.
I then asked “which 2FA method is your favorite for daily use?” And again the winner was SMS one-time codes.
Finally I asked people to say whether they have at least two kinds of 2FA set up. (It is a Best Practice to have at least two kinds of 2FA set up on one’s WIPO account, see blog article.) I was disappointed to see that more than half of respondents did not have at least two kinds of 2FA set up.
As a reminder, you can sign up for future ePCT webinars.
Thanks to Carl’s strongly worded advice, I got my second 2FA setup using the ForgeRock.
Worked well. Downloaded the app, got a QR code on the wipo screen. Scanned it with
the ForgeRock app on my iPhone and it’s now all configured.
I am surprised to see that the “Browser Certificate” option was not on top, even second but last. While I do have, of course, alternative F2As set up, I find the Certificate is by far the easiest and quickest way, imho.
I agree that the certificate is the easiest method to use and it’s the one I regularly use,. However, WIPO clearly wants everyone to move away from them because they’ve been a support headache for them. WIPO no longer allows renewal of the certificates, so when a certificate expires, the only option is to get a new one. When my certificate expires, I’ll probably reluctantly start using the ForgeRock app push notification.
I currently use my EPO smartcard as my 1st authentication method & a text message to my mobile phone as my 2nd authentication method.
However, I now also have digital certificates required to act as a representative before the UPC which are causing havoc as my computer needs resetting to allow use of the “My EPO” on-line service from the EPO. As this is all very recent, I haven’t had a chance to check my WIPO account yet and I think that I really should move away from relying on my EPO smartcard and have a look at these “push” notifications.
I use the app passcode as my primary choice, and use Oracle Authenticator for WIPO and for USPTO, so I just have to remember to select the right one in the app.