Archive for August, 2016

“Cyberschizophrenia” in the US Government

US SchIn the last few days, the US Government both mandated and rejected the same method of cybersecurity.

It’s called Second Factor Authentication, specifically a One Time Passcode (OTP) sent by Short Message Service (SMS). So, together, its a “SMS OTP,” which is basically what happens when you receive a 4 to 6-digit security code to your  cell phone as a text message after you enter your username and password.  You must enter this security code (ususally) on the same screen where you entered your username and password as an extra factor of security to complete online registration and/or to sign in to an account.  The shorthand for all of this is sometimes referred to as MultiFactor Authentication, or MFA.

First, on July 30, the Social Security Administration (SSA) mandated the use of MFA:

We take our responsibility very seriously and, with that commitment, have always provided my Social Security account holders with the option of an extra layer of security: to receive a security code via a cell phone text message to complete online registration and every sign in. This type of process—requiring more than a username and password to access information—is referred to as multifactor authentication, or MFA.

On July 30, 2016, we implemented mandatory MFA to comply with Executive Order 13681, which requires federal agencies to provide more secure authentication for their online services. (SOURCE: on 8/3/2016)

Of course, since a few  Americans have a Continue reading