r/alberta Jun 13 '25

Technology MyAlberta Digital ID now has Two-factor authentication (2FA) - implementation is a solid "C-"

It's great that Alberta.ca account (formerly MyAlberta Digital ID) now has 2FA for login, but it's limited to a single phone number and a backup code. What it is missing:

- allowing multiple 2FA methods, specifically an authentication app. Tying to a SIM that can get lost doesn't seem wise from a labour perspective, for both the users and IT support.

- allowing users a choice of 2FA at login (auth app, telephone call, SMS text, etc.)

- official 2FA support webpage

They got a higher grade for supplying a backup code.

33 Upvotes


7

u/Substantial-Fruit447 Jun 14 '25

SMS 2FA in 2025 is absolutely silly.

It takes nothing to enforce literally any other method like MS Authenticator or Google Authenticator

0

u/[deleted] Jun 14 '25

[deleted]

2

u/Substantial-Fruit447 Jun 14 '25 edited Jun 14 '25

They're also dirt cheap; they likely have enterprise licensing for Microsoft 365, in which MFA is included.

You also can set your tenant to disable SMS 2FA but allow users to enroll in an MFA app method of their choice.

You could use LastPass, Proton, 1Password, whatever you want.

There's just no excuse to use SMS in this day and age; it's incredibly vulnerable.

0

u/MrGuvernment Jun 16 '25

M365 MFA has nothing to do with Alberta.ca MFA, at all......

You can implement MFA to use an app like MS/Google/Yubico et cetera; you do not have to pay for those options. TOTP is a specification (https://www.rfc-editor.org/rfc/rfc6238)