We updated MT to support Commsec's new security Question/Answer validation. MT should prompt you with 2 security questions if needed during the login. It should now work even if SMS is selected as the default validation. However, if you do not have security questions configured, then MT login will NOT work unless you login via website and select the option to remember this device, so that the login process will not ask again.
We may implement direct SMS support as well, but seems that Commsec turned off the security features again (they that last weekend too). We will look at this further when Commsec re-enables the stuff.