The CRA is now requiring taxpayers to use Two Factor Authentication (2FA) in order to log into their computer systems.
The version of 2FA that the CRA uses is based on SMS or VoiceCall to a known phone number. That is, they will either text or call you with the access code. If you try to access the account too many times without successfully logging into the account, your account will be locked.
Clients are advised to ensure that their phone number is kept up to date at the CRA as I do not transmit phone numbers to the CRA when I file the tax return.
(Be advised that the 2FA that the CRA is using can be hacked by SIM swapping as well as when you lose your cell phone. Caution is advised.)