AskST: What is two-factor authentication (2FA)?

AskST: What is two-factor authentication (2FA)?
PHOTO: The Straits Times

Come Jan 15, two-factor authentication (2FA) will be made compulsory for all SingPass users.

Currently, more than 100 government e-services such as the Central Provident Fund (CPF) and Inland Revenue Authority of Singapore (Iras) require the mandatory 2FA to perform e-transactions.

So what is 2FA? It is the extra step a user has to take before logging in to an online account or making an online transaction.

It is usually in the form of a random code sent to a mobile device or via a token.

2FA is based on the idea that a second layer of security should come from something physically near the user, so a hacker cannot log in to your accounts with only a username and password.

Anyone who attempts to do so will be stopped by this second layer of security.

However, 2FA is not always foolproof.

If you opt for SMS one-time passwords and lose your mobile phone, hackers can get access to your accounts and information stored in your device.

Cyber security experts say using a token for 2FA is safer, even if it is more inconvenient.

Just remember to keep the token stored away in a safe place and never reveal the number generated to anyone.

on SPH Brightcove


This article was first published on December 19, 2016.
Get a copy of The Straits Times or go to straitstimes.com for more stories.

More about

Purchase this article for republication.

BRANDED CONTENT

SPONSORED CONTENT

Your daily good stuff - AsiaOne stories delivered straight to your inbox
By signing up, you agree to our Privacy policy and Terms and Conditions.