SMS as a form of 2FA is unsuitable considering the sensitivity of such information. On the other hand a government backed smart card would offer the appropriate level of authentication without locking out access to a section of users. On 30 Jun 2017, at 12:30, "Denis G. Wahome" <dwahome@gmail.com<mailto:dwahome@gmail.com>> wrote: Mark, While I do concur completely with your observation. I was considering the user group for the service. Other more advanced mechanisms would reduce the usability/accessibility by a large portion of the Country. A better way would be a registration process to access your records where one can select a Channel for 2FA Denis On Fri, Jun 30, 2017 at 10:54 AM, Mark Kipyegon via kictanet <kictanet@lists.kictanet.or.ke<mailto:kictanet@lists.kictanet.or.ke>> wrote: SMS is not a secure implementation of two factor authentication. On 30 Jun 2017, at 10:40, "kictanet-request@lists.kictanet.or.ke<mailto:kictanet-request@lists.kictanet.or.ke>" <kictanet-request@lists.kictanet.or.ke<mailto:kictanet-request@lists.kictanet.or.ke>> wrote:
A simple 2 Factor Authentication mechanism via SMS would suffice to start with.