Social Security Administration adds second factor to web login

(Getty Images)


Written by

The agency that hands out Social Security payments will begin requiring a second method of identity verification when users log in to its online system.

Starting June 10, the website will require users to receive a one-time code on their phone or via email and enter it while logging in with their usual username and password.

“Using two ways to identify you when you log on will help better protect your account from unauthorized use and potential identity fraud,” an SSA notification explains.

This layer of authentication isn’t new. The my Social Security site has offered it as an option since it launched in May 2012.

Additionally, last summer the agency tried to roll out a similar program but limited it to sending the verification codes to cellphones only. That program, however, hit some snags, and lawmakers worried that it put “undue burden” on seniors, many of whom don’t own cellphones.

Ultimately, SSA rolled back that mandate.

“Our aggressive implementation inconvenienced or restricted access to some of our account holders,” SSA spokeswoman Nicole Tiggemann said then in a statement. “ We are listening to the public’s concerns and are responding by temporarily rolling back this mandate.”

By adding email to the mix this time around, SSA said in a blog post it “listened to [users’] concerns.” Now, “since an email address is already required to use my Social Security, everyone can continue to benefit from the features my Social Security provides.”

“We’re committed to using the best technologies and standards available to protect our customers’ data,” the post says. “This new security advancement is just one of the ways we’re ensuring the safety of the resources entrusted to us.”

-In this Story-

authentication, Cybersecurity, email, mobile and wireless, multi-factor authentication, News, Social Security Administration, SSA, two-factor authentication (2FA)