Two-factor authentication in ePCT – polling results

Today’s webinar was entitled Intro to ePCT, why ePCT is important, getting a user ID and password, setting up 2FA.

I conducted a few polls about 2FA during the webinar, and here are some results. 

I asked “which of the 2FA methods do you have set up for your WIPO account?”

click to enlarge

As you can see, most folks have an SMS one-time code set up.    The other methods have fewer users.  You can see my blog article about “push notification”.

I then asked “which 2FA method is your favorite for daily use?”  And again the winner was SMS one-time codes.

click to enlarge

Finally I asked people to say whether they have at least two kinds of 2FA set up.  (It is a Best Practice to have at least two kinds of 2FA set up on one’s WIPO account, see blog article.)  I was disappointed to see that more than half of respondents did not have at least two kinds of 2FA set up.

click to enlarge

As a reminder, you can sign up for future ePCT webinars.

5 Replies to “Two-factor authentication in ePCT – polling results”

  1. Thanks to Carl’s strongly worded advice, I got my second 2FA setup using the ForgeRock.
    Worked well. Downloaded the app, got a QR code on the wipo screen. Scanned it with
    the ForgeRock app on my iPhone and it’s now all configured.

  2. I am surprised to see that the “Browser Certificate” option was not on top, even second but last. While I do have, of course, alternative F2As set up, I find the Certificate is by far the easiest and quickest way, imho.

    1. I agree that the certificate is the easiest method to use and it’s the one I regularly use,. However, WIPO clearly wants everyone to move away from them because they’ve been a support headache for them. WIPO no longer allows renewal of the certificates, so when a certificate expires, the only option is to get a new one. When my certificate expires, I’ll probably reluctantly start using the ForgeRock app push notification.

  3. I currently use my EPO smartcard as my 1st authentication method & a text message to my mobile phone as my 2nd authentication method.
    However, I now also have digital certificates required to act as a representative before the UPC which are causing havoc as my computer needs resetting to allow use of the “My EPO” on-line service from the EPO. As this is all very recent, I haven’t had a chance to check my WIPO account yet and I think that I really should move away from relying on my EPO smartcard and have a look at these “push” notifications.

  4. I use the app passcode as my primary choice, and use Oracle Authenticator for WIPO and for USPTO, so I just have to remember to select the right one in the app.

Leave a Reply

Your email address will not be published. Required fields are marked *