Article Lead Image

Douglas Muth/Flickr (CC BY SA 2.0)

Australia tells citizens to weaken security before traveling abroad

It’s nonsensical security advice hopefully no one will heed.


Dell Cameron


The Australian government is getting some grief online this week for telling its citizens to deactivate a two-factor authentication (2FA) security measure on their cellphones while travelling abroad.

The government is apparently concerned that while out of country and using foreign SIM cards, Australians might lose access to the government portal, myGov, which allows them to access services such as health insurance and tax payments.

By enabling 2FA, Australians ensure that only a person physically holding their cellphone—which should have its own layers of additional security—can access the myGov portal. The service automatically sends out a unique code via text message that must be entered properly at myGov before the user can enter the site.

According to the Australian government, for those who lose access to the mobile phone recorded on their myGov account, “you will not be able to access your myGov account and will need to call the myGov Help Desk for assistance.” It’s an inconvenience to be sure.

The myGov official Twitter account was working to help spread the message this week, tweeting: “turn off your myGov security codes” and “spend more time doing the important things.” Clearly unimpressed with the idea, one user replied: “Are you guys on crack? That’s insane.” 

Disabling 2FA is by definition a step that purposefully weakens the security of Australians overseas, heightening the risk that a malicious person might gain access to the myGov controls. It’s sacrificing security for the sake of convenience, leaving some to question whether that’s the best advice to come from a government agency.

Photo via Douglas Muth/Flickr (CC BY SA 2.0)

The Daily Dot