22 November 2024 – To safeguard taxpayers’ information and prevent malicious attacks on SARS data, SARS has initiated various initiatives to combat fraudulent activities. One such measure is the Two-Factor Authentication method, which adds an extra layer of security by requiring users to input two different authentication methods to login to eFiling.
The first layer of authentication requires users to enter their username and password. Once validated as correct, the second layer requires users to input a One-Time-Pin (OTP) sent to their preferred security contact details. Upon successful validation of the OTP, as correct, users are granted access to their eFiling profile.
The enhancements to the Two-Factor authentication method includes the following:
- Enforcing Two-Factor authentication on all Individual profiles,
- Confirming and updating of the security contact details.
The eFiling password requirements have also been enhanced. All new and changed passwords must meet the following criteria:
- Contain a minimum of 8 characters
- Include at least one uppercase, lowercase, numeric and special character
- Exclude personal information (like name / surname / email address / username);
- Exclude repetitive or sequential characters (like “aaaaa” or “12345” etc).
Furthermore, a password meter has been added to give eFilers a visual indication of the strength of the password.
For more information, see the updated Guides:
