Wednesday, June 4, 2014

Security - You can't take it for granted. Over 1,500 SingPass accounts potentially accessed

Source: CNA

It is really amusing that the Singpass is not using 2FA. OneKey, which is a Gov backed initiative is active and I believe many people received the Key. Even without onekey, Mobile phone can be a good 2FA device, and if SMS costs are huge (which is not the case but still), Googla 2FA or other software based 2FA can be used pretty safely.

Remember, SingPass let's the user access almost all kind of personal, confidential and private information. So I am disappointed with the SingPass provider. Wish there is some change soon and we can start to use 2FA. Atleast optionally.

1 comment:

  1. I agree. OneKey should be universally deployed across all Government e-services to enhance layer of security. This protects all Singaporeans personal & confidential information.

    ReplyDelete