ICYMI: Credential Level Upgrade Requirement
September 29, 2025
Lockheed Martin is hardening information security requirements (moving away from phone one-time password) in order to comply with the U.S. Government standardized approach to information security.
Supplier users associated with Missiles and Fire Control (MFC) 1LMX Go-Live are strongly encouraged to upgrade their credential type prior to January 5, 2026.
The following third-party credential types adhere to both U.S. Government and all Lockheed Martin application standards*:
| Credential Type | Proofing Type Required | URL |
|---|---|---|
| Exostar Mobile ID | US: Self-Service Mobile or Live Video Proofing Non-US: Live Video Proofing |
Exostar Mobile ID |
| One-time password (OTP) Hardware Token | US: Self-Service Mobile or Live Video Proofing Non-US: Live Video Proofing |
One-time password (OTP) Hardware Token |
| FIS Hardware Token (MLOA) - Hardware | In-Person Proofing US: NotaryGo Non-US: Verify Europe |
FIS Hardware Token (MLOA) - Hardware |
| DOD Common Access Card (Third-Party Credential) |
As required by DOD CAC | DOD CAC |
*Phone-based OTP does not meet the required credential level.