this post was submitted on 23 Feb 2024
56 points (98.3% liked)

Canada

7203 readers
398 users here now

What's going on Canada?



Communities


🍁 Meta


🗺️ Provinces / Territories


🏙️ Cities / Local Communities


🏒 SportsHockey

Football (NFL)

  • List of All Teams: unknown

Football (CFL)

  • List of All Teams: unknown

Baseball

Basketball

Soccer


💻 Universities


💵 Finance / Shopping


🗣️ Politics


🍁 Social and Culture


Rules

Reminder that the rules for lemmy.ca also apply here. See the sidebar on the homepage:

https://lemmy.ca


founded 3 years ago
MODERATORS
 

What the title says. Before you had to choose either SMS / call via phone or a very clunky code grid.

you are viewing a single comment's thread
view the rest of the comments
[–] axby@lemmy.ca 1 points 8 months ago* (last edited 8 months ago)

It looks like you may be able to disable SMS 2FA entirely? It’s unclear to me (edit: if this is a viable option):

Can I stop getting Short Messaging Service (SMS) messages for CRA's Multi-factor authentication?

Yes. You can text "STOP" to 27223 or reply "STOP" to the message containing your one-time passcode to stop receiving SMS messages to that telephone number in the future. However, it is important to note that CRA's Multi-factor authentication (MFA) service is mandatory and a passcode is required to sign in to the CRA's sign-in services. Texting "STOP" will prevent your telephone from receiving an SMS message with your passcode in the future. Without the passcode, you will be unable to access the CRA sign-in services using this option and will need to choose an alternate MFA option to use. This option applies only to Canadian telephone numbers.

I’ll probably leave it enabled anyway just in case (given that I only log in to CRA once per year or so), but I applaud the potential of relying on TOTP only, and not allowing SMS 2FA as a “back door”.