Under Fire, US Social Security Site Changes Security Policy Again

Long-time Slashdot reader Lauren Weinstein writes: I’m told that Social Security Administration has now removed the mandatory cell phone access requirement that was strongly criticized… I appreciate that SSA has done the right thing in this case. Perhaps in the future they’ll think these things through better ahead of time!

The web site now describes the “extra security” of two-factor cellphone authentication as entirely optional — but security researcher Brian Krebs had also warned that the bigger risk was how easy it was to impersonate somebody else when creating an account online. He wrote Thursday that now “the SSA is mailing letters if you sign up online, but they donâ(TM)t take that opportunity to deliver a special code to securely complete the sign up. Go figure.”

Share on Google+

Read more of this story at Slashdot.

Clip to Evernote

Leave a Reply

Your email address will not be published. Required fields are marked *