tag:blogger.com,1999:blog-19246708.post4595746852171565472..comments2024-03-29T02:05:50.350-04:00Comments on Social Security News: That Two Factor Authentication Fiasco Was Even Worse Than You ThoughtUnknownnoreply@blogger.comBlogger3125tag:blogger.com,1999:blog-19246708.post-87867057046652021882016-09-08T06:50:41.579-04:002016-09-08T06:50:41.579-04:00I promise not to pretend to be a lawyer if you pre...I promise not to pretend to be a lawyer if you pretend not to be a computer security professional. And your headline writing has become very Fox news like. Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-19246708.post-17890756134435172962016-09-07T09:21:05.080-04:002016-09-07T09:21:05.080-04:00Charles, next you'll be complaining about how ...Charles, next you'll be complaining about how access to SSA is not secure enough.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-19246708.post-18232353373279583092016-09-06T14:50:26.511-04:002016-09-06T14:50:26.511-04:00Two factor authentication (password plus cellphone...Two factor authentication (password plus cellphone) is more secure than one factor authentication (your password). If you would like your communications with SSA to be less secure please say so to your clients first.<br /><br />NIST said SMS-based authentication is not as secure as other second factors, not that it is worse than no second factor at all. The point of their report was to find better second factors (ever see someone carrying a little beeper like device that puts out ransom numeric codes every few minutes. When you log in you have to enter the code currently showing on the device or you don't get in. That more secrue than SMS).<br /><br /><br /><br />Mandating a 2nd factor for everyone was an obvious mistake, requiring it for professional attorneys is a no brainer.Anonymousnoreply@blogger.com