Discontinuation of Phone-Based (SMS) OTP for Supplier Access
Lockheed Martin will no longer accept registration of Phone-Based One‑Time Passwords (OTP) for any two-factor authentication via Exostar. This change aligns our security controls with U.S. Government standards and applies to existing applications (e.g. Exostar TPM, LM Procure to Pay, LM eInvoicing). Effective immediately Phone OTP will no longer be a renewal option for existing users.
Supplier users using Phone-Based (SMS) OTP must transition to one of the following Exostar-provided 2FA credential types at each user’s next renewal to retain access, or sooner if they need access to any other Lockheed Martin application:
- Exostar Mobile ID + Proofing
- FIDO Passkey + Proofing
FIDO® security keys use FIDO2/WebAuthn public-key cryptography to verify you with a quick touch—no passwords to steal or phish. This works across major browsers and devices, enabling strong 2-factor authentication for faster, simpler, and more secure logins. Coupled with Identity Proofing requirements, this subscription offers superior protection against a multitude of cyber threats.
- OTP HW Token + Proofing
- Exostar Mobile ID + Hardware OTP Token + Proofing
- DOD Common Access Card (Third-Party Credential)
Individuals who require access to Export-Controlled Information (ECI) must also complete the U.S. Person Verification process with Exostar.