The Canada Revenue Agency (CRA) is urging taxpayers to add an extra layer of security to their CRA accounts — a measure that will be required during the upcoming tax-filing season.
Beginning in February, CRA account holders will be required to have a backup multifactor authentication (MFA) option on file, the agency said in a release on Wednesday.
“This measure will further strengthen the security of CRA accounts and prevent users from getting locked out during the MFA process,” the release said.
MFA options include a passcode grid or third-party authenticator app.
The agency suggested that taxpayers sign in to their CRA accounts and add a backup MFA option now, to avoid delays or issues at tax-filing time.
Wednesday’s release also reminded taxpayers to regularly change their account passwords. The CRA revokes CRA user IDs and passwords that have been unused for a prolonged period, it said.
Further, the agency warned taxpayers about fake CRA websites. Taxpayers should confirm that the CRA web address begins in “Canada.ca” or ends in “cra-arc.gc.ca,” the release said. It suggested that taxpayers type the official CRA website directly into their web browsers.
Taxpayers were also warned not to click links in texts or emails, because the links can lead to fake websites.
More information about scams can be found on the CRA website.