SS Multifactor Authentication without Cell Service

[gauss]

Working for me this morning still. I setup cell phone for DW's mySSA this morning without issue (other than the required password reset).

I was pleased to see that I was able to use the same cell phone number for both her account as well as my own.

[Alan]

Quote:

Originally Posted by gauss I was pleased to see that I was able to use the same cell phone number for both her account as well as my own.

Same here, no reason why they should assume each individual should have their own number, so was not surprised that it worked since we've done that on various other financial sites.

[Tom57]

Just received this from my US Senator:

An important message from Social Security regarding access to my Social Security online services:



· Based on feedback from our customers, we are temporarily rolling back changes to the my Social Security website that had limited access for some of our users.


What changes are being rolled back?

· On July 30, 2016, we began requiring new and current my Social Security account holders to sign into their account using a one-time code sent via text message. This type of process – requiring more than a username and password to access information – is referred to as multifactor authentication.



· This “extra security” option has always been available to account holders. But we recently mandated this second layer of security to comply with the President’s Executive Order on Improving the Security of Consumer Financial Transactions. We implemented it aggressively because we have a fundamental responsibility to protect the public’s personal information.



What happened as a result of these changes and what is Social Security doing about it?



· Unfortunately, our aggressive implementation inconvenienced or restricted access to some of our account holders. We realized the extent of this problem when our customers – and your offices – reached out to us.



· We are listening to the public’s concerns and are responding by temporarily rolling back this mandate. As before July 30, current account holders will be able to access their secure account using only their username and password. Going forward, we will be highly recommending the extra security text message option, but it will not be required.



· We are developing an alternative authentication option in addition to text messaging that we will implement within the next six months.



What else do I need to know about my Social Security online services?



· We strive to balance security and customer service options – a large part of our stewardship responsibility is to keep data secure – and we want to ensure that our online services are both easy to use and secure.

· The best way to protect your information is to create a my Social Security account. If a person already has an account, a fraudulent attempt to create an account would be unsuccessful. The my Social Security service has always had a robust verification and authentication process, and it remains safe and secure.



· We regret any inconvenience individuals may have experienced. For more information on how Social Security is securing today and tomorrow, please visit https://faq.ssa.gov/.



Please feel free to contact me with any further questions or concerns.

[audreyh1]

Hmmm - I wonder if the 2FA I set up with my cellphone a couple of months ago still works?

[Alan]

Quote:

Originally Posted by audreyh1 Hmmm - I wonder if the 2FA I set up with my cellphone a couple of months ago still works?

I would think so, otherwise they would be making the system less secure than it was.

Quote:

This “extra security” option has always been available to account holders.

[easysurfer]

Quote:

Originally Posted by audreyh1 Hmmm - I wonder if the 2FA I set up with my cellphone a couple of months ago still works?

Still works for me. I added 2FA about a year ago after my tax info go hacked.

[Exrook]

Just got this from SSA:

"
On July 30, 2016, we began requiring you to sign into your my Social Security account using a one-time code sent via text message. We implemented this new layer of security, known as “multifactor authentication,” in compliance with a Presidential executive order to improve the security of consumer financial transactions. SSA implemented the improvements aggressively because we have a fundamental responsibility to protect the public’s personal information.
However, multifactor authentication inconvenienced or restricted access to some of our account holders. We’re listening to your concerns and are responding by temporarily rolling back this mandate.
As before July 30, you can now access your secure account using only your username and password. We highly recommend the extra security text message option, but it is not required. We’re developing an alternative authentication option, besides text messaging, that we’ll begin implementing within the next six months."