An official website of the United States government.

We've made some changes to If the information you are looking for is not here, you may be able to find it on the EPA Web Archive or the January 19, 2017 Web Snapshot.

Cross-Media Electronic Reporting Rule

User Identification, Verification, and Authentication: Challenge Question Second-Factor Approach

EPA has determined that to meet the CROMERR requirement, a system using PIN/password must be accompanied by some other identifier that, together with the PIN/password, will be sufficient to prove that the e-signature has not been compromised. One approach is to use the PIN/password in conjunction with a ‘second factor’ to create an e-signature. This document outlines the use of challenge questions as one approach to meeting this CROMERR requirement.

You may need a PDF reader to view some of the files on this page. See EPA’s About PDF page to learn more.