Two-Factor Authentication

In an ongoing effort to combat tax identity theft, the IRS is moving all e-Service accounts to two-factor authentication on or after October 24, 2016.  They have been strengthening their identity authentication process for other self-help tools.  They refer to this process as “Secure Access”, and the intent is to help protect tax professionals, their clients and the IRS systems.

The IRS is targeting October 24th as the date they plan to move all e-Services accounts over to the stronger verification process.  If you already have an E-Services account, you will be required to re-register and verify your identity.

On, or after, the 24th, you should visit the e-Services website to update your account information. Once on the site, you will be directed through the Secure Access process, which includes identity proofing, financial verification and mobile phone verification.  Secure Access is a two-factor authentication process.  This means you will need to provide your credentials (username and password) AND the security code sent to your mobile phone via text.  In the past, you were only required to enter the credentials.  The part that is new is the security code that you will receive.  Coupled with the credentials, the process is more secure.  You can read more about two-factor, and multi-factor, authentication here.

After successfully registering and each time you return to e-Services, you will be required to enter your credentials and the security code sent as a text to your mobile phone.