Total Proposal Security

The National Science Foundation uses a computerized proposal-and-report submission system called FastLane. When I first submitted a proposal, this required three things to log in: your last name, your Social Security number, and a password of your choice.

Sometime in the last year, they stopped using the SSN, and switched to a randomly generated nine-digit ID number. Which they sent me in a massage that somehow manages not to include the strings "NSF," "FastLane," or "National Science Foundation." "ID" by itself returns too many results in GMail to be useful.

On the bright side, at least I can be confident that nobody else is going to log in and submit the final project report that's due...

More like this

So the readers have spoken: one more vote for hearing about my PI experience than the weird convo with the deans. However, I was working on the draft, and then some more work stuff got dumped on me, then SW had her popular deconstruction of one of Greg Laden's posts and I didn't want to interrupt…
Yes, indeed the DVDs are now available on a first-come, first serve basis. The NSTA has a link to the DVD giveaway page. And the NABT (National Association of Biology Teachers) has written about it, too. From the NABT: The DVD's will be given away starting Monday, December 18, 2006 thru Thursday…
Day four of the power outage, with the added angry-making twist that the people across the street from us have their power back. Staring across the road at their warm, shiny lights, I could feel the beginning of the sort of rage that fuels torch-and-pitchfork mobs storming medieval castles. Only,…
Melody points me to this gem of an advisory from the NSF:In the event of a natural or anthropogenic disaster that interferes with an organization's ability to meet a proposal submission deadline, NSF has developed the following guidelines for use by impacted organizations.  These guidelines will…

There should be a link somewhere on the FastLane home page that will let you request the secret number. At least there was three months ago when I had to submit an interim report on my NSF grant. They sent me the secret number in a message with the subject "Requested NSF ID". I looked for the message in which they originally sent me the number, but I couldn't find it.

By Eric Lund (not verified) on 29 Jun 2009 #permalink

Dear Professor Orzel,

We have not received your expected final project report. We have, however, received a new grant proposal requesting funds for the following items:

Cheese
Bunnies
Bacon
Chew Toys

We are unclear on how these items are relevant to the research funded under your current grant. One reviewer has recommended that you investigate whether someone else with access to your computer and/or residence may have intercepted a recent NSF e-mail with your new password, and used this to file a fraudulent proposal under your name.

Best wishes,

NSF

By Emory Kimbrough (not verified) on 29 Jun 2009 #permalink

There should be a link somewhere on the FastLane home page that will let you request the secret number.

I couldn't find a link, but they did have a phone support number, and after ten minutes on hold, I got it taken care of.

I still don't know what they did with the original message that GMail couldn't find it. Google's usually pretty good at that sort of thing, you know?

They sent you a massage?! How does that work? Does the NSF have a side deal with craigslist?

Sorry, couldn't resist.

Mike.

By NoAstronomer (not verified) on 29 Jun 2009 #permalink

Chad, I just checked my email client, and my version of the NSF message (January 2008) actually had the subject line "Requested NSF ID". Who knows the mysteries of gmail....

And yet FastLane is the crown jewel of federal online grants management. You could have to use grants.gov.

That sounds like "security theater" (as Bruce Schneier calls it). Sending the id afterwards using non-secure email is stupid. You should generate it in real time, during an encrypted session.

By Lassi Hippeläinen (not verified) on 29 Jun 2009 #permalink