With the rollout of mandatory two-factor authentication for Gosuslugi, users can access their personal accounts from abroad even if they do not possess a Russian SIM card. The press service of the Ministry of Digital Development conveyed this information to socialbites.ca, noting that login via a one-time password application is an available option for those distant from Russia. This development aims to keep the portal secure while allowing residents and visitors to manage state services remotely and conveniently.
Officials clarified that individuals who do not have a phone number linked to their Gosuslugi account can still protect access by using alternate verification methods. The simplest option is a one-time code generated by a dedicated application that supports time-based one-time passwords (TOTP). To enable this feature, users can install any reputable OTP application on their smartphone or other compatible device and follow the setup steps suggested by Gosuslugi. This method reduces reliance on a single SMS channel and enhances protection against SIM swap and other authentication threats. The Ministry emphasized that these steps are designed to ensure continuous availability of government services for all users, regardless of their location or mobile carrier.
On October 20, a government decision mandated two-factor authentication for logging into Gosuslugi personal accounts. Previously, two-factor authentication was required primarily for new portal registrations and during account recovery. The updated policy adds an additional layer of security by requiring a second verification factor in combination with the username and password. Acceptable options include a one-time SMS code, a code from a dedicated application, or biometric data such as fingerprint or facial recognition where supported by the device. This shift aligns Gosuslugi with contemporary security standards and helps protect sensitive information stored in personal profiles, including access to welfare, tax, and social services portals. Attribution: Ministry of Digital Development.
Experts have long pointed out the vulnerability of online access to public services when single-factor authentication is used. The transition to two-factor authentication, along with the provision of multiple backup verification methods, is intended to mitigate risk and provide a smoother user experience for people who travel or live abroad. Users are encouraged to review their security settings in Gosuslugi and choose the method that best fits their devices and routines. The ongoing updates are part of a broader effort to modernize digital public services and reinforce trust in online government platforms. Attribution: Ministry of Digital Development.