I think the social security administration really are not up to date on their security in my opinion. I read today Brian’s blog which is titled above and linked now entitled: Social Security Administration Now Requires Two-Factor Authentication and I am not sure that they really get it. This agency is not appealing to the masses in relation to security and the demographics they deal with.
Most people, especially older ones, do not have the means for two-factor with cell phones. Those of us who are young, we do, but what about the older generation who does not know how to use such technology?
My grandfather, bless his soul, I don’t think ever texted in his life. While he’s dead now, and has been since 2010, it would not surprise me if criminals used his information to get benefits, and other odds and ends they would want to use. My grandmother only started using a cell phone recently, and has had trouble with it. I highly doubt she is using it to set up two factor on any site, let alone having an account on the IRS web site.
I think the mailing of pins to complete the signup process would be a good idea, because if they got something in the mail with a URL to visit, it would make sure they’re getting to the right place. It would stop right there if the person, say Grandma, never signed up, but got a letter in the mail.
Grandma could call the IRS, say she never signed up, and a tech can delete the account, or help grandma sign up with a valid E-mail address over the phone.
The letter should have very clear instructions on what the person needs to do. They could also send an E-mail with E-mail verification. If the criminal got the E-mail as they would put theirs, but the victim got the mailed copy, the mailed copy would take presidence because someone like Granmdma lets say would know if she signed up. If the representative then read the E-mail address on file, and Grandma said no, thats not mine, the account could be flagged.
I could think of ways for this to work, and more things needing to be done in this regard.
Grandma, if you read this, your name isn’t mentioned, and only used as an illustration for my opinion on this article. No hard feelings.
Any thoughts? Please sound off in the comments.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.