From December 10, the authentication method for connecting to your CAF personal space will change! You will no longer have to enter your username and password to access it.
During the year 2024, the Family Allowance Fund (CAF) was hacked twice, which resulted in the disclosure on the Web of no less than 600,000 accounts last February, and security numbers social security and passwords of more than 60,000 French people last August. Particularly sensitive data, exposing beneficiaries to serious risks…
Indeed, in addition to bank details, CAF accounts contain users’ Social Security numbers, which, coupled with a password, allow them to access health services and carry out most administrative procedures in France. . Suffice to say that pirates dream of getting their hands on it…
To avoid any recurrence, CAF has therefore decided to put in place double protection from Tuesday December 10. Also, if you are a recipient, the connection to your personal space will be different from this date, since you will have to activate two-factor authentication (2FA).
To log in to your personal space, you will need to start by entering your Social Security number (username) and your password, as usual. Then click “Send Code”. Open a new tab to access your mailbox, where you will receive a six-digit code. Enter it on the login page. Please note, it is valid for 15 minutes only. Additionally, make sure to open your email in a new tab to keep the login page active. If you log in from the mobile app, you can use biometrics. It’s simpler, but just as secure, if not more so.
Keep in mind that a CAF advisor will never ask you for this verification code. So be wary if someone tries to take it from you, whatever the reason. The organization is taking advantage of the announcement of this change to remind people of the right actions to adopt to limit the risks of hacking and phishing. If you receive an email or SMS, check the sender’s address or number, and do not click on links you are not sure of the origin.
If you are ever the target of an online or SMS scam, forward the message to Signal Spam immediately, Pharosor directly to 33,700the platform specializing in reporting scams. You can also report these fraudulent messages to the site internet-signalement.gouv.fr. Then block the sender’s number or email address to no longer be bothered and delete the message in question.