Step 1: Go to HARP and select Having trouble logging in?

Step 2: Select Forgot User ID or Password.

Step 3: Enter your email address and select Send Email.

Step 4: You will receive an email containing your user ID. You can ignore the Reset Password button if you don’t need to reset your password.

Step 1: Go to HARP and select Having trouble logging in?

Step 2: Select Forgot User ID or Password.

Step 3: Enter your email address and select Send Email.

Step 4: You will receive an email containing your user ID and a button to reset your password.

Step 5: Select Reset Password (you will be prompted to answer your challenge question).

Step 6: Enter your challenge question answer and select Next.

If you forgot your challenge question answer, follow the instructions for Forgot your Password and Challenge Question (Full Account Recovery).

Step 7: Enter your new password and confirm your new password, then select Reset Password.

Step 8: You should now be able to log in with your user ID and new password.

Step 1: Go to HARP and select Having trouble logging in?

Step 2: Select Full Account Recovery.

Step 3: Enter your Email Address, First Name, Last Name, and Date of Birth, and select Send Email.

Step 4: You will receive an email that contains your user ID and a button to recover your account.

Step 5: Select Recover Account.

Step 6: You will be prompted to establish a challenge question and answer.

Step 7: Once you have chosen your challenge question and provided an answer, select Reset Challenge Question.

Step 8: Enter and confirm your new password and select Reset Password.

Step 9: You should now be able to log in with your user ID and new password.

Step 1: Reregister by going to https://harp.cms.gov/register.

Step 2: Enter your profile information (you may use the same personal and corporate email addresses as your deactivated account) and select Next.

Step 3: Choose a different user ID from your deactivated account, enter your password and challenge question, and select Next.

Step 3a: If your profile information fails to verify your identity, you have two options:

• If you think you know what you entered incorrectly, you can retry remote proofing by returning to the Profile Information screen and selecting Retry Remote Proofing. Entering the last four digits of your SSN and date of birth or your Reference Number will pre-populate the Profile Information fields.
• Call Experian to verify your identity over the phone and then enter your reference number on the Profile Information screen by selecting Enter Reference Number. This will pre-populate the Profile Information fields.

Step 4: Your new account has been created and you will receive a confirmation email.

Step 5: Select Login to Complete Setup to log into HARP and set up two-factor authentication. Once you have set up two-factor authentication, feel free to log into your respective CMS application. Follow your application’s instructions for how to request a role as all roles associated with your deactivated account will have been removed.

Step 1: Log into HARP – you will land on your user dashboard.

Step 2: To edit your Profile Information, select View/Edit Profile Information.

Step 3: Select the Edit button and modify your information, such as Email Address, Home Address, etc.

Note: You cannot update your First Name, Last Name, or Date of Birth in your User Profile. Call your application’s help desk if you need to update these fields.

Step 4: To allow the HARP team to reach out to you for user feedback, select the checkbox to opt into user feedback sessions.

Step 5: Select Save to save your changes.

Step 1: Log into HARP – you will land on your user dashboard.

Step 2: To change your password, select Change Password.

Step 3: Enter your Old Password, New Password, and Confirm New Password.

Step 4: Select Save to change your password.

Step 1: Log into HARP – you will land on your user dashboard.

Step 2: To update your challenge question, select Update Challenge Question.

Step 3: Enter your Password, select a new Challenge Question, and enter your Challenge Question Answer.

Step 4: Select Save to update your challenge question.

Step 1: Log into HARP – you will land on your user dashboard.

Step 2: To update your challenge question, select Manage Two-Factor Devices – you will see a list of your existing two-factor authentication devices.

Step 3: To add a new two-factor authentication device, select the Device Type, follow the instructions, and select Send Code.

Step 4: Enter the security code to verify the device and select Submit.

Step 5: To remove a device, select the associated Remove link for the device you would like to remove.

Step 6: Verify you want to remove the device and select Remove – the device will be removed from your list of two-factor authentication devices. 

Step 1: Log into HARP – you will land on your user dashboard. From there, select User Roles.

Step 2: Select Request a Role.

Step 3: Select the desired Program and select Next.

Step 4: Select your Organization and select Next.

Step 5: Select the Security Official role and select Submit.

Step 6: You will be notified via email when your role has been approved or rejected by an existing SO.

Step 1: Log into HARP – you will land on your user dashboard. From there, select Security Official.

Step 2: You will land on the Role Requests screen and see a list of pending role requests.

Step 3: Select the checkbox for one or many requests.

Step 4: Select Approve or Reject.

Step 5: An email will be sent to the requester notifying them of approval or rejection.

Step 1: Log into HARP – you will land on your user dashboard. From there, select Security Official.

Step 2: Select User Lookup in the left navigation.

Step 3: Choose your Program and Organization.

Step 4: Use the search bar to search for users by first name, last name, email, or user ID.

Step 5: Select a user's name to see their User Roles and Profile Information.

Step 6: Select the Remove link for the User Role you would like to remove.

Step 7: Confirm the removal.

Step 8: The user's role will be removed from the list of User Roles.

Step 1: Log into HARP – you will land on your user dashboard. From there, select Security Official.

Step 2: Select Request History in the left navigation.

Step 3: Optionally, use the search bar to search for a previous request by name or request ID.

Step 4: Select View per request to see the request details, including completion date, organization, role, and whether the request was approved or rejected.

User IDs must be between 6-100 characters and unique (cannot already be taken by another user).

Passwords must be a minimum of 12 characters and include a lowercase letter, uppercase letter, number (0-9), and symbol (!@#$%^*). They cannot contain first name, last name, or part of user ID.

HARP is a secure identity management portal and asks for personal information to verify the user's identity. HARP uses Experian to remotely proof users by taking user-entered data, such as date of birth and social security number (SSN), to generate a list of personal questions for the user to answer to verify his/her identity.

• RIDP is the process of validating sufficient information that uniquely identifies you (e.g., credit history, personal demographic information, and other indicators). This method is used for verifying the identity of a user as opposed to manual proofing or in-person proofing. If you are requesting electronic access to protected CMS information or systems, you must be identity proofed to gain access.
• CMS uses the Experian identity verification system to remotely perform identity proofing. Experian is used by CMS to confirm your identity when you need to access a protected CMS Application.
• You may have already encountered RIDP through various interactions with banking systems, credit reporting agencies, and shipping companies.
• When you log in to HARP, you will have the option to RIDP. You will be asked to provide a set of core credentials which include:
  • Full Legal Name, Social Security Number, Date of Birth, Current Residential Address
• Experian will use your core credentials to locate your personal information in Experian and generate a set of questions. Experian will attempt to verify your identity to the appropriate level of assurance with the information you provided. Most users can complete the ID proofing process in less than five minutes. If you encounter problems with RIDP, you will be asked to contact Experian Support Services via telephone at (866) 578-5409 to resolve any issues.

If you cannot identity proof online, you will be asked to contact the Experian Verification Support Services Help Desk at (866) 578-5409. The system will provide you with a Reference Number to track your case. For security purposes, the Experian Help Desk cannot assist you if you do not have the reference number.

Account passwords are required to be reset after 60 days of inactivity. Please remember to log in within this period to avoid password expiration.

If your account has been deactivated, it cannot be recovered. However, you may use our registration portal to create a new account. Although you may re-register using the same email address, you will have to select a new user ID. Your previous roles will not be available and will need to be requested again.

If you are using an EUA-issued ID to access HARP-provisioned services, then you will need to coordinate with the COR managing your new contract. If your employer is changing, you may be required to create a new EUA ID and request access under your new contract. If your employer is staying the same, you may be able to work with the COR to reassign your EUA ID to your new contract. Either way, you will need to ensure that your EUA ID profile reflects your current contact information, and you will need to request HARP roles under your new contract.

If you are using a HARP-issued ID to access HARP-provisioned services, then you will need to ensure that your HARP ID is still active, and you will need to request HARP roles under your new contract.