If you have an online Social Security account, you will soon need to take an additional step to access your personal information.
In a move aimed at boosting protection for online users, the Social Security Administration as of June 10 will require two-factor authentication on its website. That means in order to log into or register for a “my Social Security” account, you will need to not only use (or create) a username and password but also enter a code you receive by text message or email. “Using two ways to identify you when you log on will help better protect your account from unauthorized use and potential identity fraud,” the agency says on its website.
The effort to beef up cybersecurity for Social Security accounts follows a similar move last year, which riled up some seniors and was quickly abandoned. In that case, the security code was to be sent only by text message, and advocates for older Americans expressed concern that seniors who didn’t have texting capability or reliable cell service would be locked out. (Users have already been able to sign up for two-factor authentication voluntarily, but the change makes it mandatory for all site users.)
The added email option makes the new change an improvement over last year’s effort, says Mary Johnson, a Social Security and Medicare policy consultant with the Senior Citizens League.
Current retirees can use online Social Security accounts to check their benefit and payment information, and to start or change direct-deposit arrangements. Yet the website can be even more useful to people in their working years, by providing Social Security statements showing a user’s earnings history and projected benefits. That statement can be a key resource in deciding when to start benefits—and because of budgetary pressures, the agency now mails those statements to far fewer people than it used to.