Where can I get the password for the electronic signature certificate? You can issue an electronic signature through the “Personal Account of a Taxpayer - Individual Tax Electronic Key”

When using the taxpayer’s online account, a simplified mechanism for certifying documents using an electronic signature (ES) has been introduced. Innovations recently are associated with the installation of a new electronic signature for users old version account. During the registration procedure, an error often occurs when generating a certificate in the taxpayer’s personal account, which can be resolved in several ways.

Scheme for creating an electronic signature

An electronic signature is a strengthened version of confirmation that a document is recognized as valid and is equivalent to a paper form where written initials are placed. During the process of registering an account on the tax service website, it is possible to create an unqualified type of electronic signature with the following properties:

used in document flow within the Federal Tax Service;
The encryption system is characterized by a high level of security.

As mentioned above, an electronic signature was available in the old account, but in the updated version you have to register a new certificate. Moreover, it is proposed to store the registered electronic signature at the user’s station or at the Federal Tax Service service. In view of fraudulent activities, it is recommended to use the latter option, since it is mostly safe and can be used on mobile gadgets. When a taxpayer wants to install an electronic signature on his PC, he will need to ensure that the key is protected with special programs. Responsibility rests with the user.

Instructions for obtaining electronic signature

Following the procedure below, the user will quickly register the certificate. To do this you need:

log in to your personal account (enter login, password or apply data account in State Services);
open your profile - click on the item where your full name and tax identification number are indicated;
in your profile, click on the “Get electronic signature” service;
mark the desired storage option in the list of suggested ones;
set a password combination to open a certificate;
Confirm previously entered data by re-typing;
Click on the “Send request” command.

Attention! When information is sent to the service, “Generation of electronic signature” appears on the page.

Note! The process requires the installation of a program that generates keys. All characteristics are indicated under the “System requirements” item. Versions available for operating systemsWindows AndMacOs.

At the creation stage, there is a function for registering an existing qualified electronic signature. It implies possession of a certificate issued by a certified center, namely: the organization must be accredited by the Ministry of Telecom and Mass Communications of Russia. To successfully work in the taxpayer’s account, data must be exchanged in order to subsequently use the electronic signature in the electronic document management system of the tax service.

A certificate generation error occurs

During the registration process, the user may receive a message: “Error generating certificate.” An incident happens for various reasons:

carrying out technical work on the Federal Tax Service website;
Registration of electronic signature takes a long time in most cases.

Based on reviews from citizens who have been using the electronic signature of the Federal Tax Service for a long time, the conclusion arises that registration of code combinations takes 30 minutes, and in some cases extends to 2 days. Then the question arises of how long it takes to create a taxpayer’s personal account.

Note! When starting the service, a message appears about the duration of registration and the ability to exit the account if necessary, which does not interfere with the procedure for generating data.

Situations cannot be excluded when additional programs for generating codes have not been installed (the user did not use the link when reading the system requirements). As a result, the service will not be able to find a workstation to save information.

Options for solving the problem

If an error problem is identified when generating an electronic signature in the taxpayer’s account, you should resort to one of the methods:

try to download the certificate again - often a secondary or tertiary attempt ends in success, since the system may be reloaded with applications;
familiarize yourself with the schedule of technical work on the Federal Tax Service website and reschedule the procedure for another day;
after sending a request to register an electronic key, exit your account, since notification of the assignment of a certificate will arrive at the next authorization;
contact the tax office, presenting your TIN and passport.

It is important to know! Often, the initial launch of certificate generation does not allow obtaining data. However, when the operation is repeated, everything ends successfully. Moreover, the secondary request is made on the same day or a week later.

Viewing certificate details

When the user manages to obtain an electronic signature from the Federal Tax Service, a message appears about the release of keys. There are two options available:

viewing;
review.

If you select View Certificate, you must enter the password you previously set during the registration process. As a result, a window with information opens:

SNILS;
owner;
validity;
number;
publisher;
email address.

If you do purchase it, then you will have the opportunity to register in the taxpayer’s personal account without going through the ordeal of the tax authorities, and then log in using this very signature. By the way, in government services too. And of course, sign all possible electronic documents for her, including the tax office, of course.

Electronic signature in the taxpayer’s personal account

From July 1, 2020 to the Tax Code Russian Federation appropriate amendments were made and electronic service " Personal Area Taxpayer" received the official status of an information resource that can be used for taxpayers and tax authorities to exercise their rights and obligations.

You can issue an electronic signature through the “Personal Account of a Taxpayer – Individual”

The SKB Kontur website has a convenient certificate selection wizard that allows the client to answer several questions regarding the scope of application of the required certificate, and as a result receive one or more types of certificates that completely cover their needs. The special tariff “Electronic Signature 2.0” includes two digital signature certificates - qualified and unqualified - and is suitable for solving most problems.

Where and how to get an electronic signature

As a rule, if the certificate is issued by an enterprise licensed by the Ministry of Telecom and Mass Communications, the problem of checking its relevance does not arise. When connecting to services using an electronic signature key in the name of the certificate, the user always sees the validity period of his key. A few weeks in advance, any system (trading platform or Federal Tax Service service) notifies the user that the validity period of his certificate is coming to an end, every time he uses the key. The user’s task is to contact his certification center in time to renew the certificate.

How to get an electronic signature key for the tax office

Together with the flash drive, which contains information about the electronic signature, the client receives software for installation on his computer, a license and a certificate. At home, you will need to install the program and insert the flash drive into the USB connector. In the authorization form on the State Services portal, at the bottom you must select “Log in using electronic means.” And then select the path to the removable storage device.

EDS) electronic signature for public services, creation and receipt

Extract from the Unified State Register of Legal Entities/Unified State Register of Individual Entrepreneurs in in electronic format with an electronic signature of the tax authority (if there is no data in the tax service, provide an extract from the Unified State Register of Legal Entities/Unified State Register of Individual Entrepreneurs, duly certified);
A copy of the applicant’s identity document in accordance with the legislation of the Russian Federation, certified by the signature of the owner;
A copy of the document on assignment of the insurance number of the citizen’s individual personal account in the compulsory pension insurance system (SNILS), certified by the signature of the owner;
A copy of a document confirming the authority of the applicant’s employee, certified by the head of the organization;
A signed application for the production of an electronic key certificate.

Events Quarter

A default password is set for each electronic signature medium, be it Etoken (Jacarta) or RuToken. The password may also be called a “pin code”. When a user performs any action with an electronic signature (authorization on the site using an electronic signature or signing an application), the digital signature is accessed and the user is asked for a PIN code (password).

Portal My EDS Electronic signature - it's easy! Electronic trading is convenient! State

It is impossible to purchase a qualified electronic signature, which requires a visit to a CA, for free. This mostly applies to legal entities. Individuals can obtain broader powers by registering on the government services website using SNILS.

Electronic signature (EDS) for government services – creation and receipt

They are inextricably linked and work as a system: the public key is provided to the signatory’s counterparties and stored in the archive of the certification center. The private key is stored by the owner of the digital signature and is used to endorse electronic documents and send certificates.

How to obtain an electronic digital signature certificate

Therefore, in order to use this Internet service, you must fulfill a number of technical conditions:
OS Windows XP SP3 or higher (for example, Windows 7);
Internet Explorer 8.0 or higher;
Crypto PRO CSP 3.6 or higher with a valid license;
A set of drivers and additional utilities for working with eToken/Rutoken electronic keys;
Crypto PRO EDS browser plug-in for Windows.

Tax electronic key

Electronic signature verification key certificate an electronic document or a paper document issued by a certification center or an authorized representative of the certification center and confirming that the electronic signature verification key belongs to the owner of the electronic signature verification key certificate.

Where to get the password for the electronic signature certificate

When a key is generated, information about its owner is saved, and the resulting file is called a signing key certificate. This document must include the public key, as well as information about the owner of the digital signature and the certification center that issued this key.

Certificate and EDS key

Electronic exchange of documents between companies and government agencies is gaining more and more momentum, as it significantly reduces the time it takes to transfer documents. To give legal significance to the transmitted information, the parties to electronic document management (EDF) sign files with their electronic digital signatures (EDS). A document certified with an electronic digital signature is equivalent to a paper medium endorsed by an authorized person. The procedure for obtaining and using EDS is regulated by the Law “On Electronic Signatures” dated April 6, 2011 No. 63-FZ, which provides for the following types of EDS: simple and enhanced.

Where to get an electronic signature key certificate

The ownership of the digital signature by a specific person or organization is confirmed by a qualified certificate of the electronic signature verification key, which is generated by the Certification Center. This document is issued to its owner on paper and installed as a file on the eToken technical media.

Electronic signature public key certificate

Receive or replace a civil or foreign passport, TIN;
Request information about income, debts, fines from the tax and traffic police;
Receive an extract from the Unified State Register of Real Estate in electronic form;
Check the account in the Pension Fund of the Russian Federation;
Register or deregister in the city, carry out similar operations with the car;
Apply to a university in another city;
Conclude contracts for remote work;
Participate in the system electronic trading countrywide;
Register an individual entrepreneur or legal entity;
Obtain a license, patent.

How to obtain an electronic signature at the MFC

05 Dec 2018 778

Publication date: 12/15/2015 12:46 (archive)

Currently, electronic document management is becoming the most common and convenient way for taxpayers to interact with tax authorities.

The benefits of electronic communication can be appreciated by users of the “ ” service (hereinafter referred to as “Personal Account”), located on the official website of the Federal Tax Service of Russia (). Functionality The “Personal Account” is very extensive: the service allows you to independently control calculations for property taxes; and also monitor the progress of the audit of declarations sent to the tax authority; view information on income submitted by tax agents in the form of 2-NDFL certificates; pay taxes, etc.

On July 1, 2015, appropriate amendments were made to the Tax Code of the Russian Federation and the electronic service “Taxpayer’s Personal Account” received the official status of an information resource that can be used for taxpayers and tax authorities to exercise their rights and obligations.

Users of the “Taxpayer Personal Account for Individuals” service have the opportunity to send tax documents (declarations) and information signed with an enhanced non-qualified electronic signature to the tax authorities. Only electronic documents signed with a non-qualified electronic signature are recognized as equivalent to paper documents signed with the taxpayer’s own handwritten signature.

You can obtain an electronic signature for interaction with tax authorities in electronic form absolutely free of charge through the “Personal Account” in the “Profile” section. The Federal Tax Service of Russia offers two options for storing a signature: the key to it is stored either on the user’s computer or in a storage facility protected by the tax service. The electronic signature verification key certificate is valid for one year. After the key certificate expires, the taxpayer must independently obtain a new certificate through the “Personal Account”.

The signature certificate can be used to sign and send to the tax authorities through the “Personal Account”: applications for refund and offset of overpaid tax; applications for benefits on land, transport taxes, and property taxes for individuals; notifications about selected tax objects in respect of which the benefit applies; messages about the availability of property and vehicles; tax return in form 3-NDFL, supporting documents for it and much more.

1. What is an electronic signature?

An electronic signature (electronic digital signature) is a requisite of an electronic document that makes it possible to establish the absence of distortion of information in an electronic document from the moment of its signing and to verify that the signature belongs to the owner of the electronic signature key certificate. The value of the attribute is obtained as a result of cryptographic transformation of information using private key signatures. An electronic signature is analogous to a handwritten signature. The use of electronic signatures in Russia is regulated federal law No. 63-FZ dated April 6, 2011

2. How to create an electronic signature?

You can create your own electronic signature using the “Key Management” section of the main menu of the system if you have a code word, which you must indicate in the Client Questionnaire when visiting our office in person or during the process of opening an account online.

To create and use an electronic digital signature in the system, you must also sign an Agreement on the use of documents in electronic form at the company’s office or in another possible way.

3. How to change an electronic signature?

An electronic signature cannot be changed. However, you can create a new electronic signature key using the “Key Management” section of the system’s main menu. To do this you will need to enter your code word. After creating a new electronic signature key, your old key is canceled.

4. How safe is it to use an electronic signature?

An electronic signature is almost impossible to forge. However, you must take some precautions. Keep the electronic signature key in places inaccessible to unauthorized persons! Do not give the key file and access password to anyone! If you have suspicions that your electronic signature key may be used by other persons, immediately notify the Company by phone: +7 812 635 68 65. The Client bears full responsibility for the safety of the electronic signature key and passwords.

5. I forgot my electronic signature key password, what should I do?

The electronic signature key password cannot be recovered. If you have forgotten it, create a new electronic signature using the “Key Management” section of the system’s main menu. To do this, you will need to enter your code word. After creating a new electronic signature key, your old key is canceled.

If you suspect that your electronic signature keys may have been changed by third parties, immediately notify the customer service department by phone. +7 812 635-68-65 to block access to your account and cancel your electronic signature key.

6. I forgot my code word, what should I do?

The code word cannot be recovered. We cannot send it to your address e-mail or say it over the phone. To change the code word, you need to come to one of our offices in person. Check again how you enter your code word. It must be entered exactly as you wrote it in the Client Questionnaire. Check the case of letters (small or capital) and keyboard layout (input language, etc.).

7. Computer requirements for signing documents with an electronic signature

On your computer, a component must be installed and enabled in the browser settings - Java Virtual Machine (JVM, virtual Java machine), which is needed to launch and operate applets (downloadable software modules) for generating keys and electronically signing documents.

Microsoft Internet Explorer usually comes with a Java machine from Microsoft - Microsoft VM. You can also install a similar component from SUN (SUN Java Virtual Machine browser plug-in), which can be downloaded from the SUN website.

After downloading the file, double-click to start installing the component. After the component is installed, you must restart your computer.

The service works correctly with components 3 of Microsoft VM version 5.0 and higher, as well as Sun Java browser plug-in version 1.4.2_03 and higher, 1.5.0 and higher, 1.6.0 and higher.

You can view information about the installed Java VM component (and also enable/disable it) in the browser menu “Tools” -> “Internet Options” on the “Advanced” tab; in the window that opens, look for the section about VM (Microsoft VM or Java (Sun)).

The version of the Microsoft VM component can be viewed in the menu “View” -> “Java language window” (Java console), if the “Java console enabled” option is enabled on the “Advanced” tab.

If you have both Microsoft VM and Sun Java plug-in installed and enabled in your browser, then one of them must be disabled.

If you use a browser other than Microsoft Internet Explorer, we recommend choosing a browser installation package with Java or additionally installing a Java machine from Sun.

For users operating system For Linux, we recommend installing a Java machine from Sun version no lower than 1.5.0, which can be downloaded from

Federal Law dated April 6, 2011 No. 63 “On Electronic Signatures” defines the scope of use of digital signatures and approves legal force each type of electronic signature. According to the bill, a qualified signature must be accompanied by a certificate protected by a password and stored on a special medium. If the certificate password is forgotten or lost, you can recover it. And for greater security, it is recommended to replace the standard password with a custom one.

Within a few seconds, an SMS with a code will be sent to your phone, which is the password for the certificate. It is entered into the appropriate window:

The received password is valid only for 5 minutes after receipt, so if there is a delay in entering, you need to delete the link and repeat the entire process again. If the password has not been received within a few minutes, you can request it again.

If all the data is correct, then you need to check the box next to “I confirm my consent to issue the certificate.” If an error is detected in the data, you must contact the technical support of the certification authority that issued the certificate. Sometimes at this stage an error appears asking you to reconfigure your PC. If this happens, you need to go to the setup page and repeat all the steps from the beginning.

Standard code from EP

The developers have come up with a number of standard factory codes that all users can use as a PIN code from a secure media. For EN Rutoken Lite/S/EDS version 2.0. This:

For administrator: 87654321;
For client: 12345678.

The eToken carrier uses the standard user code 1234567890. The eSmart/JaCarta LT and JaCarta device works with the code 12345678, and JaCarta SE (used to work with EGAIS) uses several codes:

For administrator: 00000000;
For the client: 11111111.

For the part responsible for GOST, this token requires different passwords for the administrator and user, respectively: 1234567890 and 0987654321.

Replacing the electronic signature code

For reliability and greater information protection, it is better not to use default codes, but to change them to personal ones. To replace the password on Rutoken Lite/S/EDS version 2.0. need to:

Go to the menu, select “Control Panel” and “Manage Rutoken”;
Click “Enter PIN code” (a standard code is entered);
In the management tab that opens, click “Change” and enter a new password.

For a JaCarta Se/LT carrier, the procedure is slightly different:

In the JaCarta client you need to switch to user mode;

Click opposite the selected section “Change PIN code”;

Enter the current and new password, then click “Run”.

The administrator password is changed accordingly. If everything is done correctly, a message indicating the successful change of information will appear.

Password recovery procedure

When working with a token, the password on the PC is set only once. The Rutoken remembers the pin automatically and does not require entering it in the future. However, when reinstalling the OS or in case of replacing part of the PC equipment, it is necessary to reinstall the electronic signature and enter the code.

Where to get the password to access the electronic signature certificate depends on the features of the system. If the ES key is built into the OS, then you can use the installed activated program CryptoPro CSP version 3.6 and higher. The first step in password recovery is to open the directory in which CryptoPro is installed. If let remains unchanged, then the application folder is located in the directory section Program Files on the OS disk. Then you need to find the csptest file, which will allow you to find out the password for the attached certificate. After launching the utility, enter the command in a new window: Program FilesCrypto ProCSP -keyset -enum_cont -fqcn –verifycontext.

The window will show all installed digital signature containers. Then the user enters the command: csptest -passwd -showsaved -container indicating the code of the container for which the password is required. After confirming the entry, information about the key is displayed.

If the password was changed and lost, and the key was not built into the OS, then the user will no longer be able to work with this electronic signature.

It is necessary to contact the CA again to stop the validity of this signature and submit an application for the production of new details. The inability to recover a password reduces the risk of third parties compromising the digital signature. Even if the token was stolen or lost, changing the EDS password through the factory settings or contacting the CA will not work.

Code word recovery

The procedure for restoring the code word is simpler. To change, you must contact the certification center that issued the digital signature certificate with your passport. The client writes an application to replace the code word, indicating a new one. When filling out the form, you need to pay attention to the accuracy of spelling, the number of capital letters and numbers.

Information security of an electronic signature is ensured by special authentication means - tokens or USB keys. In Russia, two connected tokens are popular: JaCarta and Rutoken.

JaCarta SE/LT

The devices of this identification system include smart cards, USB tokens and security units for creating and verifying digital signatures, encrypting transmitted information and securely storing a database. JaCarta is Russian product, created by the company "Aladdin R.D." The token is used in the electronic document management system, on electronic trading platforms and in the remote banking system, at customs, for submitting reports to the Federal Tax Service, Pension Fund, etc.

The device can also be used to store CIPF containers, certificates, passwords and licenses. The company's latest development is the JaCarta PKI/GOST/SE USB key. The token provides highly accurate two-phase electronic signature authentication in information system narrow focus. This token has 2 functions:

Used as a means of electronic signature and for access to protected information of specialized systems;
Used as a secure storage of keys and key containers.

The USB token has all the security certificates of the FSB of Russia and FSTEC.

JaCarta U2F is a token equipped with a mechanical button and a feature that supports FIDO U2F authentication. It provides the ability to use one token to gain access to various social and specialized resources. This token has also received certificates from the FSB and FSTEC of the Russian Federation, and such international security certificates as Common Criteria EAL 5+.

Rutoken S Lite/EDS 2.0

The Rutoken product is produced by the Russian company "Active", which also has a patent for the invention. It is visually different from JaCarta due to its red body. The device is designed to use an electronic signature key and a digital signature verification key. A database of cryptographic algorithms was used in the development of the token.

Rutoken EDS 2.0 is needed to ensure the safety of electronic signature keys in the built-in secure memory, and does not have the ability to export them. A USB key is used in electronic document management and remote banking. Rutokens are the first means of user authentication that have been certified by the FSB for compliance with:

GOST R 34.10-2012 on the formation and verification of electronic signatures;
GOST 34.11-2012 on the algorithm and procedure for calculating the hashing function;
VKO GOST R 34.10-2012 according to the algorithm for creating a session key.

Rutoken S was created to provide two-phase user authentication, secure storage of encryption keys, etc. The media has a built-in and securely protected memory for storing access codes, keys and other confidential information. This model is used for corporate networks state corporations, because built-in cryptographic algorithms ensure full compliance of the IP with regulatory requirements.

The Bluetooth digital signature token model stores a signature certificate and is capable of certifying electronic documents on mobile devices(IOS/Android OS required). The USB key combines the functions of an electronic digital signature token and the ability to use it on smartphones and tablets via Bluetooth.

The high reliability of cryptographic information protection and token operation algorithms do not allow you to recover a lost password. If the user changed the PIN code and forgot it without registering it in the OS, then you need to purchase another electronic signature. When changing the code information, it is recommended to write down the new pin in a safe place.