Saturday, July 30, 2016

The spread of technology

A further sign of the spread of technology in the United States, and in particular assumptions about technology.

The Social Security system has provided online access for several years. Online access is now needed to check your Social Security earnings statement (they are no longer mailed each year). It can also be used to apply for benefits, get tax statements, and find other information about your Social Security account.

Likely in a (probably misguided) response to recent government computer hacking, President Obama issued an executive order that agencies provide more secure authentication for online services. The Social Security Administration has responded with a new requirement. Those logging into the Social Security web site must provide a text message enabled cell phone and request a one time code by text message each time they log into Social Security.

So it now appears that Social Security recipients who might have computer access are also assumed to have a cell phone and know how to receive text messages.

Social Security's web site has already been annoying. Those still working need to log into the web site once a year to check their earnings statement. So what did Social Security do? Set a password expiration of 6 months. So every time you log into their site once a year you need to pick a new password.

Unfortunately, the added text message requirement is probably going to result in many elderly having more trouble managing their Social Security account (or more telephone support, which isn't necessarily very secure). Meanwhile, most cyber attacks are executed not by breaking into a consumer's account, but by phishing (convincing some low level employee to email big data files out) or by some semi-official access to the internal network of a company or agency. We can only hope they are figuring out how to improve this security.

No comments: