Frauds & Scams

New Online Security

August 3, 2016 • By

Reading Time: 2 Minutes

Last Updated: November 3, 2023

MFAWe’ve added an extra layer of security for our customers when they interact with us online. Now, my Social Security account holders are required to use their cell phone — in addition to their username and password — as another authentication factor during online registration and every sign in. An authentication factor is information used to determine if someone is who they claim to be.

This extra layer of security is called “multifactor authentication” and complies with an executive order requiring federal agencies to provide more secure authentication for their online services. Any agency that provides online access to a customer’s personal information must now use multifactor authentication.

Since my Social Security became available in May 2012, almost 26 million people have created an account. We have always offered multifactor authentication, but only for customers who opted for extra security. For your protection, we now require multifactor authentication for all my Social Security users. To register and sign in, you must now enter a security code that we will send to your cell phone. Your cell phone provider’s text message and data rates may apply.

Our research shows that an overwhelming majority of American adults have cell phones and use them for texting. Because of technical and resource constraints, we are not currently able to offer alternative methods of satisfying this security requirement. However, we may consider adding more options in the future. We appreciate your patience as we work continuously to secure your online information.

We’re committed to using the best technologies and standards available to protect our customers’ data. Multifactor authentication is just one of the ways we’re ensuring the safety and security of the resources entrusted to us. Visit my Social Security to learn more about this helpful suite of online services, including additional details about our latest security measures.

Did you find this Information helpful?

Yes
No
Thanks for your feedback!

Tags: ,

See Comments

About the Author

Jim Borland, Assistant Deputy Commissioner, Communications

Jim Borland, Assistant Deputy Commissioner, Communications

Comments

  1. john

    I haven’t been able to log in, so have completed the steps necessary to reset my password. The verification code via text has not been received and the phone number listed is correct. (4 attempts so far since yesterday)
    What’s my next step?

    • R.F.

      Hi John, we removed the requirement to use a cell phone to access your my Social Security account. While it’s not mandatory, we encourage those of you who have a text capable cell phone to take advantage of this optional extra security, which has always been available. If you still experience difficulties logging in to your personal my Social Security account, please call 1-800-772-1213. After you hear “Briefly tell me why you are calling,” say “Help Desk” and one of our representatives will assist you. We apologize for any inconvenience you may have experienced.

  2. Phillip

    This is elder discrimination from our government towards the most economically challenged citizens

    • R.F.

      Update! We removed the requirement to use a cell phone to access your my Social Security account. While it’s not mandatory, we encourage those of you who have a text capable cell phone to take advantage of this optional extra security, which has always been available. We continue to pursue more options beyond cell phone texting. We apologize for any inconvenience you may have experienced.

  3. EWB

    > Egregious SSA account access Requirement:
    > I recently received an email from the SSA indicating that I must have a cell phone with texting service to access my SSA account.
    > I had been able to contact them very easily through email for years. I do not DO texting, nor do I want to: it is too much for the average citizen to be required to follow this procedure. Below is the text of an article in the Spartanburg Herald:
    > The Social Security Administration has created a potentially huge but avoidable problem for millions of account holders in an overzealous attempt to fight computer hackers.
    > As of this month, online users have been required to own a cellphone, register that number and obtain a text-messaged security code for use when accessing the Social Security website. The rationale for tighter security is understandable. Identity theft typically involves stealing a person’s Social Security number. A two-step authentication system, involving separate electronic devices, helps fend off computer hackers.
    > Verizon recently reported that its texting system was overwhelmed by the volume of people trying to get security codes.
    > Then there are the millions of 65-and-over retirees who don’t own cellphones. They’re part of the population segment most likely to need Social Security account access, but according to Pew Research, only 25 percent of them own smartphones. Right now, they’re shut out.
    > Cheryl Harris says she’s flummoxed. “Seniors have enough problems paying for health care and insurance without having to pay for cellphones,” the reader wrote to the Post-Dispatch last week. “This policy defeats the purpose of having easy access to SSA or having it online at all. … We worked our entire lives paying into SSA, and our employers paid double during that time. Now we cannot access our accounts because we do not have cellphones. … Now the federal government is requiring you to have a cellphone to have a SSA account. If that is the case, then it should supply every senior or other person who cannot afford cellphones a phone.”
    > Since writing you yesterday about this matter I have found that even though I have a smart phone with data access, it does not include texting and cost us only $100 each a year. It would cost me and my wife $360 each per year to have the texting ability required by the EXECUTIVE ORDER driven SSA requirement. I have further found out that the statistic cited in the Herald article is misleading, it is correct in so far as how many over 65 use TEXTING vs having a cell phone: look it up. This is an egregious requirement for seniors in a nation that has paid $1 TRILLION to protect us from terror, but not a cent to protect us from the EXECUTIVE BRANCH OF THE GOVERNMENT.

    • R.F.

      You spoke, we listened. We removed the requirement to use a cell phone to access your #mySocialSecurity account. While it’s not mandatory, we encourage those of you who have a text capable cell phone to take advantage of this optional extra security, which has always been available. We continue to pursue more options beyond cell phone texting. We apologize for any inconvenience you may have experienced. http://bit.ly/20nvsaI.

  4. Juan S.

    I’m glad that compassion and common sense finally prevailed!

  5. Glenn

    Most ridiculous thing I have seen in awhile.

    So I am on a limited budget yet you want me to have a cell phone and pay the extra for texting so I can log into my online account once in awhile!

    Your NUTS and goes to prove how stupid the government is.

    • ..

      Hello Glenn: We apologize for any inconvenience and have heard your feedback. We removed the requirement to use a cell phone to access your mySocialSecurity account. While it’s not mandatory, we encourage those of you who have a text capable cell phone to take advantage of this optional extra security, which has always been available. We continue to pursue more options beyond cell phone texting. Please continue to take advantage of your mySocial Security account without any restrictions.

  6. Pam M.

    I PRESUME there “study” looked at adults OVER 65 that use texting ??? DUH! I don’t want to pay for texting. And their “security” uses the same thing Facebook wants. How secure is that?

  7. BGP

    FYI – the “other ways” to contact social security is: by phone, visit an office, write a letter or BY E-MAIL. If we can contact SS by e-mail then why can’t this “code” be sent to our e-mail? If we already have a computer, an on-line SS account and an e-mail address which already receives e-mail msgs from SS, then why can’t the code be sent by e-mail?

  8. ben

    Is this the first step of the US Government(our elected officials lol) tying to get rid of social security? The texting cell phone trick is to prevent citizens from accessing their accounts so you won’t know what’s happening to them. Wake up people it’s the government pulling the wool over our eyes again. If you don’t know what that means you deserve what you get. But for the rest of us remember YOU VOTE COUNTS and not just for President.

  9. Shirley R.

    Shame on SS. What about people who do not have cell phones. Some retired people cannot afford them. SS needs to add an alternative and just as soon as the cell phone number is required. I give my number to no one and have pay as you go. I carry it in case my car brakes down. Cell phones can get hacked too!!

  10. T.G.

    I contacted SSA directly about this. Here is the response I got:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Thank you for contacting the Social Security Administration.
    We apologize for the delay in answering your inquiry. We regret any inconvenience this may have caused.

    The Social Security Administration administers the Social Security programs. However, Congress develops and passes the Social Security Act, provisions, and amendments governing the programs.

    Only Congress has the ability to change the laws that govern Social Security. Therefore, we recommend that you relay your concerns to your congressional representative for consideration.

    Constituents may identify and/or contact their elected members of Congress at the following Internet sites:

    U.S. House of Representatives: http://www.house.gov

    U.S. Senate: http://www.senate.gov

    Social Security also has a Web page with current information on enacted legislation that affects Social Security benefits or Supplemental Security Income at the following Internet address:

    http://www.socialsecurity.gov/legislation
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Real helpful, right?
    Here is my response back to them:
    ——————————————————–
    Thanks for your response.

    So you’re telling me/us that congress decided to block people’s use of SSA’s MySocialSecurity website unless they can receive an authorization code by text only? I don’t believe that. This is an inappropriate answer regarding this issue. Please properly address peoples’ very valid concern with this problem which is not about passing a law in congress, but rather a poorly implemented procedure by SSA for their own website access.

    Does SSA NOT want people to use their website? Does SSA want to have people calling to get paper statements again instead of accessing them online? That process is definitely a few steps backward. But that is exactly what people will have to do if this simple adjustment to the authorization code receipt method is not updated to include options other than text only.

    This doesn’t have to be difficult, banks and other businesses and institutions all over this nation have seamlessly implemented increased security measures exactly like this, why can’t you? Don’t you have competent IT professionals that can address this problem efficiently? Simply adjust the issue within your own procedures for your website by allowing alternative means of receiving an authorization code (email, phone), don’t tell people to contact their congressperson! How ridiculous!

    Can’t someone at SSA just take responsibility of making this minor adjustment to procedures and fix this? Any number of IT people have the ability to do this, it’s not rocket science, just a bit of computer science.

Comments are closed.