Australian government tells citizens to turn off two-factor authentication
The Australian government has repeatedly called for citizens to turn off two-factor authentication (2FA) at its main digital government portal, myGov. The portal’s Twitter account has recently been updated several times with cute pictures encouraging holidaymakers to “turn off your myGov security codes” so that “you can spend more time doing the important things.”
The portal is the place where Australian citizens can use and manage a number of governmental services, including health insurance, tax payments, and child support. In case of myGov, two-factor authentication is implemented by sending users text messages that contain one-time codes to complement their usual passwords.
A number of people on Twitter pointed out that, while downplaying security isn’t a good idea in general, it could be even more dangerous when citizens go abroad: