Australian government portal urges residents to disable two-factor authentication

Australian authorities continue to urge their citizens to turn off two-factor authentication on the main portal of the myGov country. ( This portal is designed for quick access to a large list of public services: government payments, services for pensioners, the unemployed, families, medical services, insurance, child support, tax services, etc. Digital state. )

Two-factor authentication on the site is implemented by sending one-time passwords via text messages that complement the usual user password.

A number of users on Twitter noted that in addition to reducing security in general, these measures can become even more dangerous when people in the country go abroad:

The meaning of the proposed initiative is clear: most tourists change their Australian SIM cards to local ones when they go on vacation. After performing such actions, they will not be able to receive messages from myGov until they have moved their Australian map back to the device, which causes some trouble.
')
Simplifying the lives of its travelers, the government's proposal significantly neglects the security offered by two-factor authentication when working with an Internet site. This layer of security is even more important when you enter the site from a non-secure home or work network. Considering all the disadvantages of such a step, the insistent appeals of the state look rather sharply and push people to various kinds of reflections.

In the wake of public criticism, myGov left a comment on Twitter, stating that “people who decide to disable two-factor authentication will still have to enter the answer to the secret question to enter”:

On the page, following the link on Twitter, there is no information about secret questions and answers to them.

And even considering this possibility, it cannot be considered a full-fledged replacement for good two-factor authentication.