Singaporeans are not doing enough to keep their online accounts safe, such as using unique passwords, changing passwords regularly, and the use of two-factor authentication (2FA), according to a survey by Assurity Trusted Solutions.
Released Thursday, the survey showed 60 percent of respondents who file their tax returns online and 59 percent who use other government services do not change their passwords. Some 45 percent participants also do not have different passwords for all their online accounts, it said.
Of those who use online banking services, 10 percent change their passwords quarterly as recommended, while 52 percent never change their passwords. As for online security traders, 9 percent change their passwords quarterly and 54 percent of them never do.
"Good cyber hygiene practices are generally lacking across the board," Chai Chin Loon, chief operating officer (COO) of Assurity, noted in a statement.
The company is a wholly-owned subsidiary set up by Singapore's IT regulator Infocomm Development Authority of Singapore (IDA) to oversee the running of the National Authentication Framework (NAF). Its survey polled 346 Singaporeans during a roadshow between Apr. 2 to Apr. 4 this year.
Make 2FA a way of life
The survey also showed 68 percent respondents indicating that someone hacking into their financial information is their topmost concern when performing an online transaction. This was followed by identity theft at 45 percent, and private information made public at 44 percent.
These concerns could be why 74 percent of those polled acknowledged 2FA to be an important element of an ideal security process for users, it added.
Chai said: "Clearly the failure to activate 2FA is not due to a lack of awareness. End users should activate 2FA whenever possible to strengthen their online security."
He added consumers who conduct online banking are already more vigilant against cybercrime than other consumer demographic.
However, the COO stressed that educating users to make 2FA a way of life for sensitive online transactions such as e-mail, social networking, accessing online health records, and financial information, should continue to be a priority.
Last week, IDA revealed plans for an open tender to attract more operators to provide 2FA services for public sector agencies, which is part of its wider strategy to drive 2FA adoption in the country.