No vulnerability in SingPass system

Communication and Information Minister Yaacob Ibrahim said in Parliament today that there is no vulnerability in the SingPass system. The recent SingPass breach could have been through other means such as users having very simple passwords that are easily guessed by cyber criminals or malware in users’ computers that capture keystrokes.
Going forward, the MCI will work with the Finance Ministry and the IDA to further enhance security measures including introducing two-factor authentication (2FA). SingPass is also implementing a system to allow users to define their own user names instead of the default NRIC or FIN number.
The Government is also looking at possibly mandating more frequent password changes for SingPass accounts, although this might result in a slight increase in cases in which users who forget their passwords are unable to access certain Government e-services.
For better protection, SingPass advise all users to update their anti-virus software and use a strong passwords that are alphanumeric with 8-24 characters, preferably with caps and symbols.
Or you can take XKCD’s advise for a strong password.

Leave a Reply

Your email address will not be published. Required fields are marked *