The Online Identity Verification Process
tai tro choi One of our most important responsibilities is protecting your investment and personal information. Social Security takes this responsibility very seriously, and we have a robust cybersecurity program in place to help us succeed. Our security process follows federal guidelines that includes additional security measures so we can be sure that you are who you say you are when you conduct online business with us.
tai tro choi To protect the privacy of your identity and your information, we use an identity verification process.
- Requires you to sign in with a username and password;
- Offers extra security; and
- Complies with federal laws, regulations, and guidelines.
In addition to your username and password, you can choose either your cell phone or email address as your second identification method when you sign in to or register for my Social Security. Two forms of identification when signing in will help better protect your account from unauthorized use and potential identity fraud.
tai tro choi Each time you sign in to your account, you will complete two steps:
- Enter your username and password.
- Enter the security code we send by text message or email, depending on your choice (cell phone provider text message and data rates may apply).
If you choose to receive your one-time security code through email, you can add NO-REPLY@ssa.gov to your contact list to make sure it does not go into your spam or junk folder.
For additional tips to help you stay safe and secure online please visit the Federal Trade Commission's .
If You Cannot Or Do Not Want To Create An Account Online
If you are unable or unwilling to create an online account, you may still create an account in person by visiting your , firstname.lastname@example.org, ThankYou@ssa.gov, DoNotReply@ssa.gov, and echosign.com.
- In a few instances, we use marketing firms to raise awareness of Social Security’s online services, and this includes creating a my Social Security account. We allow these firms to send email directly to individuals. Any links you find within these emails should always point to a “.gov/” web address.
- To verify the web address of a link or picture, hover over it with your mouse until a text box appears with the web address. This is the actual address you will be directed to and it should always include “.gov/” A forward slash should always follow the “.gov” domain.
- Example - http://jassims.com/myaccount/
- Links to the official Social Security website will always begin with http://jassims.com/ or http://secure.ssa.gov/.
What should I do if I’ve received a phishing email pretending to be from Social Security?
- If you are not certain that an e-mail you received came from Social Security or one of our marketing firms, DO NOT respond to the email or click on any links contained in the email message.
- Report the incident by forwarding the suspicious email to the U.S. Computer Emergency Readiness Team (US-CERT) at email@example.com. (http://www.us-nocert.gov/nav/report_phishing.html).
What are other tips I can use for detecting phishing emails?
- Verify the sender. Exercise caution when receiving email from a sender you don’t know or haven’t heard from in a long time. Hover over the ‘From’ email address to ensure it matches the displayed email or name of the sender.
- Look for poor choices in wording, phrasing, or spelling.
- If an email includes a business name, telephone number, or website link, verify the legitimacy of these items by searching for the official number or website in a search engine.
- Do not respond to emails requesting personal information. Reputable businesses and public agencies will not ask you for personal information in an email.
Are there other resources I can use to learn more about phishing?
To avoid security problems, please keep your web browser up to date. For more information about "phishing," go to OnGuard Online.