Social Security Administration’s Second Attempt at 2FA Fails Federal Government’s Own Standards, Not Secure

In July 2016, the SSA announced they would implement multifactor authentication. This year, the effort soon evolved into sending one-time and time-sensitive passwords to the users by two methods, email or cell phone.

Read full news article on Infosec Island