In July 2016, the SSA announced they would implement multifactor authentication. This year, the effort soon evolved into sending one-time and time-sensitive passwords to the users by two methods, email or cell phone.
Read full news article on Infosec Island