Electronic Bulletin Board Questions
How do you feel about two-factor authentication?
Do you use two-factor authentication for other services, and if so, which methods do you currently use?
The following questions relate to options for second-factor authentication using mobile devices and landlines.
Option 1: When you sign in to SSA with your username and password, SSA sends a text message with a numeric code to a cell phone number you provided. You enter the code on screen directly to complete the login.
How likely are you to use this option? Why?
How reliable is your cellphone reception in your area?
Option 2: When you sign in to SSA with your username and password, SSA calls a landline phone number associated with your account and speaks the numeric code. You enter the code on screen to complete the login.
How likely are you to use this option? Why?
How often do you use a landline?
Option 3: When you register for an account, SSA provides you a Quick Response (QR) code that can be scanned by a smartphone application such as Google Authenticator. When you sign in to SSA after registering, you scan the QR code with your smartphone.
How likely are you to use this option? Why?
Option 4: When you register for an account, SSA mails a list of codes to your home address. To log in, you will need to provide a code from the list.
How likely are you to use this option? Why?
Option 5: You download a smartphone application. When you sign in, the application activates and asks you to confirm the login is authentic. When you affirm, the sign in completes.
How likely are you to use this option? Why?
Out of options 1-5, list the options in order of preference beginning with your most preferred.
The following questions relate to options for second-factor authentication using E-mail services.
Do you share your email with anyone else? If so, would you be comfortable with a verification link or instructions being sent to that address?
Do you use the same email for all of your online business?
How do you typically check your email, e.g., using your smartphone or a computer?
How comfortable are you with a emailed security link being sent in an email to you? Would you prefer to use instructions that did not involve clicking a link (for instance, entering a code included in the email)?
What do you look for to see if an email is legitimate?
Do you have any other comments or suggestions?
Please read to participants:
PAPERWORK REDUCTION ACT STATEMENT: This information collection meets the requirements of 44 U.S.C. § 3507, as amended by section 2 of the Paperwork Reduction Act of 1995. The Office of Management and Budget approval number for this information collection is 0960-0788. We estimated that it would take approximately 90 minutes to participate in this survey. Send only comments on our time estimate to: SSA, 6401 Security Blvd., Baltimore, MD 21235-6401.
File Type | application/msword |
Author | 889123 |
Last Modified By | 889123 |
File Modified | 2015-02-11 |
File Created | 2015-02-11 |