The SSA said all new and existing ‘my Social Security’ account holders will need to provide a cell phone number. The agency said it will use the mobile numbers to send users an 8-digit code via text message that needs to be entered along with a username and password to log in to the site.
The SSA noted it was making the change to comply with an executive order for federal agencies to provide more secure authentication for their online services.
Although the SSA’s policy change provides additional proof that the person signing in is the same individual who established multi-factor authentication in the first place, it does not appear to provide any additional proof that the person creating an account at ssa.gov is who they say they are.
In addition to the SSA’s optional security measures, Americans can further block ID thieves by placing a security freeze on their credit files with the major credit bureaus. Readers who have taken my ceaseless advice to freeze their credit will need to temporarily thaw the freeze in order to complete the process of creating an account at ssa.gov. Looked at another way, having a freeze in place blocks ID thieves from fraudulently creating an account in your name and potentially diverting your government benefits.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now