2-Factor Authorization Comes to the Federal Courts
Key Dates:
- May 11, 2025 Rollout of multifactor authentication
- August 1, 2025 Courts begin randomly assigning multifactor authentication to filers
- December 31, 2025 All CM/ECF users required to adopt multifactor authentication
As modernization of the U.S. federal court system’s e-filing and records access system continues, the Administrative Office of the U.S. Courts (AO) began rolling out multifactor authentication for users of CM/ECF (Case Management/Electronic Case Files) and PACER (Public Access to Court Electronic Records) on May 11, 2025. Those of us who file with the federal courts on behalf of our attorneys need to be aware of this change and update our attorneys’ e-filing accounts to support this change.
Multi-factor, or two-factor, authentication often abbreviated as “2FA,” is a security protocol that requires a user to submit additional authentication via at least one other account or device in addition to their password. If you’ve ever signed into a website and been prompted to enter a code sent to you via text message, you’ve used a form of 2FA. Because text messages can be intercepted, PACER and CM/ECF will not support text authentication. Instead, users must rely on their choice of third-party authentication applications, including Duo, Google Authenticator, Microsoft Authenticator, and Authy. The AO does not favor any particular one of these programs.
CM/ECF users, meaning those who actually file documents in federal court, will be required to adopt the authentication. These filers do not have to wait; enrollment opened on May 11, 2025 for all filers. In August 2025, the courts will begin randomly selecting users who have not already for enrollment in the MFA program. All filers will be required to enroll by the end of 2025.
Users with only PACER access – those who only access files and cannot file documents themselves – may enroll for the added security benefits, but will not be required to do so under the current plan.
Many of us have already seen two factor authentication become part of our daily lives in our business and personal lives for financial applications and websites, email accounts, and access to other sensitive data. It is an extra complication but hopefully it will help protect identities, sensitive client data, and prevent fraud. As usual, early adopters will have an advantage as they will have a chance to get comfortable, and acclimate their attorneys, to the new technology. None of us want to be the paralegal trying to navigate it for the first time while trying to make a summary judgment motion deadline late on some August Friday night. Be aware of this change in a system many of us use every day and get in front of it before it is mandated.
https://pacer.uscourts.gov/announcements/2025/05/02/multifactor-authentication-coming-soon