Hacked: Hacking Finance

Australian Government Advises Citizens to Switch off Two-Factor Authentication

Introduction

Samburaj Das

Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.


LATEST POSTS

Alleged FBI Hacker Lauri Love Ordered to US Extradition by UK Home Secretary 15th November, 2016

The Largest Breach of 2016: 412 Million FriendFinder Accounts Exposed 14th November, 2016

Cybersecurity

Australian Government Advises Citizens to Switch off Two-Factor Authentication

Posted on .

It’s a move that beggars belief. The Australian Government, via Twitter, is advising citizens to turn off their 2FA or two-factor authentication setting when they’re out of mobile range, a normal occurrence when travelling abroad.

In a bizarre series of tweets, the Australian Government has advised citizens to disable two-factor authentication on their accounts on myGov, the Australian government’s main digital portal.

myGov is a portal wherein Australian citizens can access and manage several services including tax payments, health insurance and more, as reported by ArsTechnica. The 2FA security measure in the portal is a system wherein users receive text messages containing a one-time code that is required to go in tandem with their passwords as an increased security measure.

Here’s the already infamous tweet, posted by the myGov twitter account:

While the suggestion to turn off 2FA is cringe-worthy, it’s easy to see the reasoning behind the tweet. It’s the holidays and citizens travelling abroad for a short trip to Indonesia or any other destination Australians frequent for a quick holiday, are likely to change their SIM cards for a local one in their location. No Australian SIM card would mean no 2FA codes, which would leave them locked out of their accounts.

The above tweet explicitly states “Remember to turn off your myGov security codes before you go (overseas). And you can spend more time doing the important things,” which presumably doesn’t include adopting a better standard of security for one’s online account.

The criticism was predictably swift, with multiple Australians pouring scorn on the ill-advised tweets that make for bad advice.

In response to the criticism, myGov posted another tweet in trying to reassure users by stating that those who turn off security codes will still need to securely sign in with “secret questions and answers.”

If this were true, the security implementation to answer multiple “secret questions and answers,” would still be bizarre. As things stand, the URL mentioned in the tweet does not provide any added insight on the secret questions and answers.

Regardless of the context, a government body publicly advising users to lower the security on their accounts makes for a farce.

Featured image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

DON'T MISS OUT

Samburaj Das

Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.

Comments
  • user

    AUTHOR /- . |< .

    Posted on 1:41 am December 24, 2015.

    Lulz. And they expect citizens to trust them with data.

  • View Comments (1) ...
    Navigation
    What follows is a comprehensive, reverse-chronological list of network security…